Re: [OAUTH-WG] Working Group Last Call on OAuth 2.0 Discovery

On 18 February 2016 at 14:40, Hannes Tschofenig wrote: > Hi all, > > This is a Last Call for comments on the OAuth 2.0 Discovery specification: > https://tools.ietf.org/html/draft-ietf-oauth-discovery-01 > > Since this document was only adopted recently we are running this last > call for **3 we

Re: [OAUTH-WG] OAuth 2.0 has won the 2013 European Identity Award

On 15 May 2013 19:24, Mike Jones wrote: > I’m pleased to report that OAuth 2.0 has won the 2013 European Identity > Award for Best Innovation/New Standard. I was honored to accept the award > from Kuppinger Cole at the 2013 European Identity and Cloud > Conference

Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web Discovery (SWD)

On 20 April 2012 16:40, Michael Thomas wrote: > On 04/20/2012 07:17 AM, Derek Atkins wrote: > >> Paul, >> >> "Paul E. Jones" writes: >> >> Tim, >>> >>> I do not agree that it's harmful. If I removed the WF discussion off the >>> table, I'm still having a hard time buying into everything you sai

Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web Discovery (SWD)

On 19 April 2012 23:12, Melvin Carvalho wrote: > > > On 19 April 2012 20:26, Eran Hammer wrote: > >> #1 as John Panzer identified, allowing the server to control its >> deployment and supporting HTTP redirects is critical. >> > > +1 > > >> #2 JSO

Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web Discovery (SWD)

On 19 April 2012 20:26, Eran Hammer wrote: > #1 as John Panzer identified, allowing the server to control its > deployment and supporting HTTP redirects is critical. > +1 > #2 JSON is better, which one is required is less of on issue but more of a > best practices item. > Happy with this comm

Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web Discovery (SWD)

On 19 April 2012 18:48, Mike Jones wrote: > There are two criteria that I would consider to be essential requirements > for any resulting general-purpose discovery specification: > > 1. Being able to always discover per-user information with a single GET > (minimizing user interface latency for

Re: [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD)

On 15 April 2012 08:21, Eran Hammer wrote: > Tone aside, this is not the first time you distorted process and > technical facts to suit your goals. Just look up some of our exchanges from > a year ago and the transcript of the Prague meeting for highlights. > As stephen suggests, could we possi

Re: [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD)

On 12 April 2012 13:00, Hannes Tschofenig wrote: > Hi all, > > those who had attended the last IETF meeting may have noticed the ongoing > activity in the 'Applications Area Working Group' regarding Web Finger. > We had our discussion regarding Simple Web Discovery (SWD) as part of the > re-chart

[OAUTH-WG] OAuth 2.0 and Access Control Lists (ACL)

Quick question. I was wondering if OAuth 2.0 can work with access control lists. For example there is a protected resource (e.g. a photo), and I want to set it up so that a two or more users (for example a group of friends) U1, U2 ... Un will be able to access it after authenticating. Is this ki