Thanks for the review comments, Hannes. Replies are inline in green...
-- Mike
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of
Hannes Tschofenig
Sent: Sunday, November 25, 20
Thanks for the comments, Prateek. Replies inline in green...
-- Mike
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of
prateek mishra
Sent: Wednesday, November 07, 2012 7:16 AM
To: oauth@ietf.org
Subject: Re
In "section 3
The token service is the assertion issuer; its
role is to fulfill requests from clients, which present various
credentials, and mint assertions as requested, fill them with
appropriate information, and sign them."
As I understand, an assertion generated by a STS, is done flollow
The IESG has received a request from the Web Authorization Protocol WG
(oauth) to consider the following document:
- 'Assertion Framework for OAuth 2.0'
as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substan
Hi,
I continue to have an interest in the OAuth assertion profiles for my use
cases. I'm wondering if the idea of performing a first OAuth dance which
returns to the client a structured JWT access token (with scope=AS for example)
could then be used as the JWT in an assertion grant type? So s
Hi Hannes, all,
Sorry to have been slow with the AD review here. I've only
a few comments (below) that can be handled as IETF LC
comments. Any changes as a result of the recent thread on
the definition of Issuer can also be done then.
Unless someone tells me to hold off for a new version, I'll
r