Re: [OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Eran Hammer-Lahav
The flow is not SAML-specific.
EHL
> -Original Message-
> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
> Of Prateek Mishra
> Sent: Thursday, May 13, 2010 10:15 AM
> To: oauth@ietf.org
> Subject: Re: [OAUTH-WG] User and Client identity in

Re: [OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Prateek Mishra
SAML 2.0 assertions can represent a variety (very large) of relationships between the presenter, issuer, subject, means of confirmation and so on and so forth. So representing multiple identities - I am server foo but I am acting for joe - is not very difficult. We can profile these versus add

Re: [OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Torsten Lodderstedt
On Thu, May 13, 2010 at 8:26 AM, Chuck Mortimore wrote: Our plan is to treat SAML assertions passed over the assertion flow as bearer assertions, so I believe we have everything we need contained within the assertion (issuer

Re: [OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Eran Hammer-Lahav
Will be added to -05.
EHL
> -Original Message-
> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
> Of Brian Eaton
> Sent: Thursday, May 13, 2010 8:50 AM
> To: Chuck Mortimore
> Cc: oauth@ietf.org
> Subject: Re: [OAUTH-WG] User and Client iden

Re: [OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Brian Eaton
On Thu, May 13, 2010 at 8:26 AM, Chuck Mortimore wrote:
> Our plan is to treat SAML assertions passed over the assertion flow as
> bearer assertions, so I believe we have everything we need contained within
> the assertion (issuer + audience + signature). That being said, if we want
> this to be

Re: [OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Chuck Mortimore
Our plan is to treat SAML assertions passed over the assertion flow as bearer assertions, so I believe we have everything we need contained within the assertion (issuer + audience + signature). That being said, if we want this to be an extensible flow, not all assertion formats will be so trans

Re: [OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Torsten Lodderstedt
On 13.05.2010 13:05, Paul Madsen wrote: Torsten, have you thought about the relevance of the for identifying the client? Identify if not authenticate. Thanks for your advice. I would not expect the issuer to be the client in that game. In my opinion a client could be a website, which ob

Re: [OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Paul Madsen
Torsten, have you thought about the relevance of the for identifying the client? Identify if not authenticate. On 5/13/2010 6:38 AM, Torsten Lodderstedt wrote: In my perception, we reached consensus in the thread "Autonomous clients and resource owners (editorial)" that the assertion flow s

[OAUTH-WG] User and Client identity in the Assertion Flow

2010-05-13 Thread Torsten Lodderstedt
In my perception, we reached consensus in the thread "Autonomous clients and resource owners (editorial)" that the assertion flow should support clients acting on behalf of users, not only autonomous clients. The specification currently states "This flow is suitable when the client is acting a