ideas? Should I just send
to this list or write-up a draft?
Thanks.
/thomas/
__
From: Dick Hardt [mailto:dick.ha...@gmail.com]
Sent: Tuesday, May 25, 2010 1:53 AM
To: Thomas Hardjono
Cc: OAuth WG
Subject: Re: [OAUTH-WG] Access token opaqueness question
Not sure why you want to pull the OAuth token parameters from the Kerberos
token.
Are you envisioning the Protected Resource is a Kerberos Client?
On Mon, May 24, 2010 at 9:31 AM, Thomas Hardjono wrote:
>
> I'm still a newbie to the OAuth and WRAP discussions, so please bear with
> me.
>
> In
I'm still a newbie to the OAuth and WRAP discussions, so please bear with me.
In Section 2.2, draft-ietf-oauth-v2-05 states that the access token is basicaly
an opaque structure to the client, but which can have some "internal structure"
(having meaning to the authz server and resource server):
