Yes this is an example of how you could do it inside the existing specs. I guess you could look at it as token transformation for software statements.
This and signed state were created based on developer feedback that we tell them that they need to do something or that they can do something in spec language, but they want an example of how it can be done. I expect may of them will look at this, and do it some other way that they think is better, but this gives them a start. John B. > On Feb 7, 2016, at 8:06 PM, Justin Richer <jric...@mit.edu> wrote: > > There's already support for this, but just a quick reminder to the working > group that we already hint at this capability in RFC7951: > > In some cases, authorization servers MAY choose to accept a software > statement value directly as a client identifier in an authorization > request, without a prior dynamic client registration having been > performed. The circumstances under which an authorization server > would do so, and the specific software statement characteristics > required in this case, are outside the scope of this specification. > > (Last paragraph of section 2.3) > > -- Justin > > On 2/7/2016 3:07 PM, Roland Hedberg wrote: >> +1 >> >>> 6 feb 2016 kl. 19:56 skrev William Denniss <wdenn...@google.com> >>> <mailto:wdenn...@google.com>: >>> >>> +1 to adopt. >>> >>> I don't think we're planning to use this, but it looks useful and doesn't >>> harm interoperability so I support it. >>> >>> On Sat, Feb 6, 2016 at 3:43 AM, Torsten Lodderstedt >>> <tors...@lodderstedt.net> <mailto:tors...@lodderstedt.net> wrote: >>> +1 >>> >>> >>> Am 04.02.2016 um 17:37 schrieb John Bradley: >>> I support it. >>> >>> I have always thought of this as informational. It is not the only way to >>> do it, and has no real interoperability impact. >>> >>> John B. >>> On Feb 4, 2016, at 3:29 AM, Mike Jones <michael.jo...@microsoft.com> >>> <mailto:michael.jo...@microsoft.com> wrote: >>> >>> I support adoption of this document by the working group as either an >>> experimental or information specification. >>> >>> -- Mike >>> >>> -----Original Message----- >>> From: OAuth [mailto:oauth-boun...@ietf.org <mailto:oauth-boun...@ietf.org>] >>> On Behalf Of Hannes Tschofenig >>> Sent: Tuesday, January 19, 2016 4:05 AM >>> To: oauth@ietf.org <mailto:oauth@ietf.org> >>> Subject: [OAUTH-WG] Call for Adoption: Stateless Client Identifier for >>> OAuth 2 >>> >>> Hi all, >>> >>> this is the call for adoption of Stateless Client Identifier for OAuth 2, >>> see >>> https://tools.ietf.org/html/draft-bradley-oauth-stateless-client-id-02 >>> <https://tools.ietf.org/html/draft-bradley-oauth-stateless-client-id-02> >>> >>> Please let us know by Feb 2nd whether you accept / object to the adoption >>> of this document as a starting point for work in the OAuth working group. >>> >>> Ciao >>> Hannes & Derek >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org <mailto:OAuth@ietf.org> >>> https://www.ietf.org/mailman/listinfo/oauth >>> <https://www.ietf.org/mailman/listinfo/oauth> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org <mailto:OAuth@ietf.org> >>> https://www.ietf.org/mailman/listinfo/oauth >>> <https://www.ietf.org/mailman/listinfo/oauth> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org <mailto:OAuth@ietf.org> >>> https://www.ietf.org/mailman/listinfo/oauth >>> <https://www.ietf.org/mailman/listinfo/oauth> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org <mailto:OAuth@ietf.org> >>> https://www.ietf.org/mailman/listinfo/oauth >>> <https://www.ietf.org/mailman/listinfo/oauth> >> ”Everybody should be quiet near a little stream and listen." >> >From ’Open House for Butterflies’ by Ruth Krauss >> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <mailto:OAuth@ietf.org> >> https://www.ietf.org/mailman/listinfo/oauth >> <https://www.ietf.org/mailman/listinfo/oauth> > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
