Re: [OAUTH-WG] Summary - "Assertion Framework - Why does issuer have to be either the client or a third party token service?"

oauth-boun...@ietf.org 写于 2012-12-17 23:21:36: > Hi all, > > I read through the mailing list discussion raised by Nat in this > mail to the list on the 3rd of December, see http://www.ietf. > org/mail-archive/web/oauth/current/msg10203.html > > There were two types of issues: > > 1) The curr

Re: [OAUTH-WG] Using structured access_token as grant type in assertion flow

Hi Brian, Right ... so I suppose looking at that diagram without the background text would have been a bit odd :) In my use case I have an OAuth client that is going to request many access tokens, for many different resource servers. All of these resources servers will be protected by the sam

[OAUTH-WG] Summary - "Assertion Framework - Why does issuer have to be either the client or a third party token service?"

Hi all, I read through the mailing list discussion raised by Nat in this mail to the list on the 3rd of December, see http://www.ietf.org/mail-archive/web/oauth/current/msg10203.html There were two types of issues: 1) The current text about the issuer (in Section 5.1 of says that the asser