Hi Brian, did you intentionally omit scope values in your example requests? I would like to know what you envision to be the relationshop between scope and resource.
As you draft says, we today use scope values to indicate to the AS, which ressource servers the clients wants to access. I think we nearly exclusively use it for that purpose and only seldomly to request certain access rights. One of the advantages is, we can request access to multiple resource servers simple by putting multiple scope values into the scope parameter. Will this be possible with the extension you are proposing? Best regards, Torsten. > Am 21.03.2016 um 18:41 schrieb Brian Campbell <bcampb...@pingidentity.com>: > > Very minor update to this draft before the deadline that moves Hannes from > Acknowledgements to Authors in acknowledgment of his similar work a few years > ago. Also fleshed out the IANA section with the formal registration requests. > > > ---------- Forwarded message ---------- > From: <internet-dra...@ietf.org> > Date: Mon, Mar 21, 2016 at 11:31 AM > Subject: New Version Notification for > draft-campbell-oauth-resource-indicators-01.txt > To: Hannes Tschofenig <hannes.tschofe...@gmx.net>, Hannes Tschofenig > <hannes.tschofe...@gmx.net>, Brian Campbell <brian.d.campb...@gmail.com>, > John Bradley <ve7...@ve7jtb.com> > > > > A new version of I-D, draft-campbell-oauth-resource-indicators-01.txt > has been successfully submitted by Brian Campbell and posted to the > IETF repository. > > Name: draft-campbell-oauth-resource-indicators > Revision: 01 > Title: Resource Indicators for OAuth 2.0 > Document date: 2016-03-21 > Group: Individual Submission > Pages: 8 > URL: > https://www.ietf.org/internet-drafts/draft-campbell-oauth-resource-indicators-01.txt > Status: > https://datatracker.ietf.org/doc/draft-campbell-oauth-resource-indicators/ > Htmlized: > https://tools.ietf.org/html/draft-campbell-oauth-resource-indicators-01 > Diff: > https://www.ietf.org/rfcdiff?url2=draft-campbell-oauth-resource-indicators-01 > > Abstract: > This straw-man specification defines an extension to The OAuth 2.0 > Authorization Framework that enables the client and authorization > server to more explicitly to communicate about the protected > resource(s) to be accessed. > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
