Re: [OAUTH-WG] Shepherd write-up for draft-ietf-oauth-resource-indicators-01

2019-01-18 Thread Rifaat Shekh-Yusef
Sorry Brian, I was not clear with my statement. I meant to say that we should not allow the process to prevent the WG from producing a quality document without issues, assuming there is an issue in the first place. Ideally we want to get these identified during the WGLC, but things happen and somet

Re: [OAUTH-WG] Shepherd write-up for draft-ietf-oauth-resource-indicators-01

2019-01-18 Thread Brian Campbell
Thanks Rifaat. Process is as process does, right? I do kinda want to grumble about WGLC having passed already but that's mostly because replying to these kinds of threads is hard for me and I'll just get over it... As far as I understand things, the security concerns come into play when the client

Re: [OAUTH-WG] Shepherd write-up for draft-ietf-oauth-resource-indicators-01

2019-01-18 Thread Rifaat Shekh-Yusef
I wouldn't worry too much about the process. If it makes sense to update the document, then feel free to do that.
Regards,
Rifaat
On Fri, Jan 18, 2019 at 3:08 PM John Bradley wrote:
> Yes the logical resource can be provided by "scope"
>
> Some implementations like Ping and Auth0 have been ad

Re: [OAUTH-WG] Shepherd write-up for draft-ietf-oauth-resource-indicators-01

2019-01-18 Thread John Bradley
Yes the logical resource can be provided by "scope"
Some implementations like Ping and Auth0 have been adding another parameter "aud" to identify the logical resource and then using scopes to define permissions to the resource.
Fortunately, we are using a different parameter name so not stepping

Re: [OAUTH-WG] Shepherd write-up for draft-ietf-oauth-resource-indicators-01

2019-01-18 Thread Richard Backman, Annabelle
Doesn’t the “scope” parameter already provide a means of specifying a logical identifier?
--
Annabelle Richard Backman
AWS Identity
From: OAuth on behalf of Vittorio Bertocci
Date: Friday, January 18, 2019 at 5:47 AM
To: John Bradley
Cc: IETF oauth WG
Subject: Re: [OAUTH-WG] Shepherd write

Re: [OAUTH-WG] Shepherd write-up for draft-ietf-oauth-resource-indicators-01

2019-01-18 Thread Vittorio Bertocci
Thanks John for the background. I agree that from the client validation PoV, having an identifier corresponding to a location makes things more solid. That said: the use of logical identifiers is widespread, as it has significant practical advantages (think of services that assign generated hosting