OIDC seems about the most plausible candidate for a “good general solution” that I’m aware of. -T
On Tue, Feb 5, 2013 at 1:22 PM, William Mills <wmills_92...@yahoo.com>wrote: > There are some specific design mis-matches for OAuth as an authentication > protocol, it's not what it's designed for and there are some problems you > will run into. Some have used it as such, but it's not a good general > solution. > > -bill > > ------------------------------ > *From:* Paul Madsen <paul.mad...@gmail.com> > *To:* John Bradley <ve7...@ve7jtb.com> > *Cc:* "oauth@ietf.org WG" <oauth@ietf.org> > *Sent:* Tuesday, February 5, 2013 1:12 PM > *Subject:* Re: [OAUTH-WG] Why OAuth it self is not an authentication > framework ? > > why pigeonhole it? > > OAuth can be deployed with no authz semantics at all (or at least as > little as any authn mechanism), e.g client creds grant type with no scopes > > I agree that OAuth is not an *SSO* protocol. > > On 2/5/13 3:36 PM, John Bradley wrote: > > OAuth is an Authorization protocol as many of us have pointed out. > > The post is largely correct and based on one of mine. > > John B. > > On 2013-02-05, at 12:52 PM, Prabath Siriwardena <prab...@wso2.com> wrote: > > FYI and for your comments.. > > > http://blog.facilelogin.com/2013/02/why-oauth-it-self-is-not-authentication.html > > Thanks & Regards, > Prabath > > Mobile : +94 71 809 6732 > > http://blog.facilelogin.com/ > http://rampartfaq.com/ > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > > _______________________________________________ > OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oauth > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth