(reposting this to the list, due to an error on my part the mail got sent
privately)
> > > > - Can 'audience' be added to 'Resource Indicators for OAuth 2.0'?
> > >
> > > No, that's beyond it's current scope. And it is well past last call in
> > > the WG. But note that a logical identifier can be
On Tue, May 7, 2019 at 7:03 AM Hannes Tschofenig
wrote:
>
> The group can define what is in scope of a document and what isn't.
>
Which is what's been done with the document during the course of it's
development and WGLC and subsequent submission to the IESG for publication.
--
_CONFIDENTIALIT
> > - Can 'audience' be added to 'Resource Indicators for OAuth 2.0'?
>
> No, that's beyond it's current scope. And it is well past last call in
> the WG. But note that a logical identifier can be used as the value of
> the resource parameter.
The group can define what is in scope of a document an
On zondag 5 mei 2019 15:54:48 CEST you wrote:
> On Fri, May 3, 2019 at 9:39 AM Emond Papegaaij
> > To summarize, I have to following questions:
> > - Is the 'OAuth 2.0 Token Exchange' specification still active?
>
> Yes with the caveats mentioned above. I will say that although there's a
> lot o
On Fri, May 3, 2019 at 9:39 AM Emond Papegaaij
wrote:
> [...] we are investigating 'OAuth 2.0
> Token Exchange'. [...] However, I noticed that
> draft 16 has expired on April 22, 2019. Is this specification still active?
>
Yeah, it is. A nontrivial amount of stuff came up in IESG balloting on th
Hi all,
For the application I work on, Topicus KeyHub, we are investigating 'OAuth 2.0
Token Exchange'. We want to use this protocol to exchange an access token for
a SAML assertion for signing in to AWS (see below). However, I noticed that
draft 16 has expired on April 22, 2019. Is this specif
