Hi, Thomas, Sorry for reply late. I somehow missed the emails from OAUTH list.
"What may not be clear up-front from reading the UMA core spec is that there are 5 parties involved (AM, Alice/RO, Host, Bob (Requesting Party) and Bob's portal/platform (Requester)). Here's a more accurate picture: - I deposit my Child at the Kindergarten. - I delegate my old Grandmother to pick up the Child. - My Grandmother takes a taxi. - The taxi Driver acts as proxy to my old Grandmother who stays in the taxi. - The taxi Driver needs to show 2 forms of Delegation to the Teacher. - The Taxi driver walks the Child to the taxi. Bear in mind that my Grandmother now has to manage the delegation she gave the taxi Driver (plus the Scopes involved)." If I understand correctly, old Grandma means Bob the requesting Party, the taxi driver means Bob the requester in UMA? Not talking about UMA, Bob is not separate between roles in OAUTH, so don't have to redelegate in OAUTH?
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
