Thanks Torsten!
On Saturday, July 21, 2018, Torsten Lodderstedt
wrote:
> Hi Rifaat,
>
> Berlin Group‘s Nextgen PSD2 Spec (https://docs.wixstatic.com/ugd/c2914b_
> 5351b289bf844c6881e46ee3561d95bb.pdf) also refers to mTLS.
>
> kind regards,
> Torsten.
>
> Am 21.07.2018 um 23:25 schrieb Rifaat Sh
Hi Rifaat,
Berlin Group‘s Nextgen PSD2 Spec
(https://docs.wixstatic.com/ugd/c2914b_5351b289bf844c6881e46ee3561d95bb.pdf)
also refers to mTLS.
kind regards,
Torsten.
> Am 21.07.2018 um 23:25 schrieb Rifaat Shekh-Yusef :
>
> All,
>
> The following is the shepherd write-up for the drafts-ietf-o
All,
The following is the shepherd write-up for the draft-ietf-oauth-mtls-10
document:
https://datatracker.ietf.org/doc/draft-ietf-oauth-mtls/shepherdwriteup/
Please, take a look and let us know if you have any comments.
Regards,
Rifaat & Hannes
___
O
Hello,
about the mentioned content-types in the current draft *jwsreq-16*
in *section-10.4.1* - says to
check the content type of the response is "application/jose"
I believe this should be application/jwt instead
in *section-10.4.2* - says to
check the content type of the response is "appli
+1
Hans.
On Sat, Jul 21, 2018 at 7:12 PM, Filip Skokan wrote:
> I support the adoption or this document by the WG.
>
> Filip Skokan
>
> Odesláno z iPhonu
>
> 19. 7. 2018 v 19:43, Rifaat Shekh-Yusef :
>
> Hi all,
>
> This is the call for adoption of the 'JWT Response for OAuth Token
> Introspect
I support the adoption or this document by the WG.
Filip Skokan
Odesláno z iPhonu
19. 7. 2018 v 19:43, Rifaat Shekh-Yusef :
> Hi all,
>
> This is the call for adoption of the 'JWT Response for OAuth Token
> Introspection' document following the presentation by Torsten at the Montreal
> IETF
Hi Mark,
> Am 20.07.2018 um 17:47 schrieb Mark Dobrinic :
>
> I +1 this,
thanks
>
> but at the same time, I'm wondering what happened with the argument that
> this should be solved by Token Exchange instead of Introspect?
We presented two use case in London, (1) providing evidence for the RS’s
Hi Dick,
Am 19.07.2018 um 15:46 schrieb Dick Hardt :
>> I think any scenario with multiple resource servers relying on the same AS
>> for authorization where the client acts on behalf of the resource owner
>> qualifies for grant type code and distributed OAuth.
>>
>> Let’s assume a user wants
Hi Dick,
> Am 20.07.2018 um 19:46 schrieb Dick Hardt :
>
> There are a few places where multiple resources could be used:
>
> One is in the code flow where it is desirable to optimize the user experience
> so that the user is granting authorization once, and not multiple times.
>
I agree. Th
Hi Brian,
> Am 20.07.2018 um 16:18 schrieb Brian Campbell :
>
> The current draft does allow multiple "resource" parameters. However, there
> seemed to be consensus in the WG meeting yesterday that only a single
> "resource" parameter was preferable
I think this makes sense for the token reque
I am not aware of any IPR.
Sent from Mail for Windows 10
From: Rifaat Shekh-Yusef
Sent: Tuesday, July 17, 2018 10:06 AM
To: oauth
Subject: [OAUTH-WG] MTLS - IPR Disclosure
Authors,
As part of the write-up for the OAuth MTLS document, we need an IPR disclosure
from all of you..
Are you aware o
11 matches
Mail list logo
