--- On Tue, 1/4/11, Justin Richer <jric...@mitre.org> wrote: > > > We need a protocol that does both authentication and > > > authorization. We can take OAuth and adapt it for > > > authentication, or take OpenID and adapt it for > > > authorization, or combine OpenID and OAuth (great > > > solution > > > for people who love complexity) or... take the best > > > ideas > > > from OpenID and OAuth and incorporate them into a new > > > protocol that's designed from the start for both > > > authentication and authorization. That's one of my > > > motivations for proposing PKAuth. > > > > Are you aware of OpenIDConnect? > > > > http://openidconnect.com/ > > And also the latest drafts of OpenID Artifact Binding: > > http://wiki.openid.net/w/page/12995134/Artifact-Binding
I'm not familiar with that, and I haven't been able to find a draft at the site. Francisco
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth