Re: [OAUTH-WG] Authentication Method Reference Values: Call for Adoption Finalized

+1 > 12 feb 2016 kl. 16:58 skrev John Bradley : > > +1 to adopt this draft. > >> On Feb 12, 2016, at 3:07 AM, Mike Jones wrote: >> >> Draft -05 incorporates the feedback described below - deleting the request >> parameter, noting that this spec isn't an encouragement to use OAuth 2.0 for >>

Re: [OAUTH-WG] Authentication Method Reference Values spec incorporating adoption feedback

As Hannes wrote about this draft in his note on February 4th at https://mailarchive.ietf.org/arch/msg/oauth/Y7IUMzngKE0GXXNloUWw4UPBk1o: With my co-chair hat on: I just wanted to clarify that registering claims (and values within those claims) is within the scope of the OAuth working group. We st

Re: [OAUTH-WG] Authentication Method Reference Values: Call for Adoption Finalized

+1 to adopt this draft. > On Feb 12, 2016, at 3:07 AM, Mike Jones wrote: > > Draft -05 > incorporates the feedback described below - deleting the request parameter, > noting that this spec isn't an encouragement to use OAuth 2.0 for

Re: [OAUTH-WG] Initial OAuth working group Discovery specification

Sorry to chime in a bit late, but IMHO, the discovery document discovery etc. starting from the protected resource should happen via RFC5988. That is, when the client asks for the access, it gets an error like: HTTP/1.1 401 Unauthorized WWW-Authenticate: Bearer realm="example" Link:

Re: [OAUTH-WG] Authentication Method Reference Values spec incorporating adoption feedback

So, you just removed every relationship to OAuth (and the note about OAuth and authentication seems a bit out of context), and I thus wonder why the OAuth WG would adopt this draft; that'd rather be a JOSE thing. Le ven. 12 févr. 2016 07:03, Mike Jones a écrit : > This draft of the Authenticatio