Re: [OAUTH-WG] FW: New Version Notification for draft-hunt-oauth-v2-user-a4c-05.txt

Mon, 21 Jul 2014 13:47:43 -0700 

The end of section 2.2 talks about prompt=consent but the value is not
defined above.

Also, I don't understand the note about "pwd" being used by a service. In
which scenario would that happen?

Finally, what's the difference between providing several values for "amr"
with and without including "mfa"? IOW, what's the use case for mfa?
Le 21 juil. 2014 21:06, "Mike Jones" <michael.jo...@microsoft.com> a écrit :

>  Changes in this version are:
>
> ·        Added the Authentication Method Reference Values registry.
>
> ·        Renamed the code_for_id_token grant type to
> urn:ietf:params:oauth:grant-type:code-for-id-token to conform to Section
> 4.5 of RFC 6749.
>
>                                                             -- Mike
>
>
>
> -----Original Message-----
> From: internet-dra...@ietf.org [mailto:internet-dra...@ietf.org]
> Sent: Monday, July 21, 2014 12:00 PM
> To: Phil Hunt; Anthony Nadalin; Phil Hunt; Mike Jones; Anthony Nadalin;
> Mike Jones
> Subject: New Version Notification for draft-hunt-oauth-v2-user-a4c-05.txt
>
>
>
>
>
> A new version of I-D, draft-hunt-oauth-v2-user-a4c-05.txt
>
> has been successfully submitted by Michael B. Jones and posted to the IETF
> repository.
>
>
>
> Name:                  draft-hunt-oauth-v2-user-a4c
>
> Revision:              05
>
> Title:                     Providing User Authentication Information to
> OAuth 2.0 Clients
>
> Document date: 2014-07-21
>
> Group:                  Individual Submission
>
> Pages:                  19
>
> URL:
> http://www.ietf.org/internet-drafts/draft-hunt-oauth-v2-user-a4c-05.txt
>
> Status:
> https://datatracker.ietf.org/doc/draft-hunt-oauth-v2-user-a4c/
>
> Htmlized:       http://tools.ietf.org/html/draft-hunt-oauth-v2-user-a4c-05
>
> Diff:
> http://www.ietf.org/rfcdiff?url2=draft-hunt-oauth-v2-user-a4c-05
>
>
>
> Abstract:
>
>    This specification defines a way for OAuth 2.0 clients to verify the
>
>    identity of the End-User and obtain consent based upon the
>
>    authentication performed by an Authorization Server.  The
>
>    interactions defined by this specification are intentionally
>
>    compatible with the OpenID Connect protocol.
>
>
>
>
>
>
>
>
>
>
> Please note that it may take a couple of minutes from the time of
> submission until the htmlized version and diff are available at
> tools.ietf.org.
>
>
>
> The IETF Secretariat
>
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
>

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to