: [OAUTH-WG] Proposed language for section 2.2 on Client
Assertions
Makes sense. Personally, I don't have any preference on including it or not.
EHL
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Brian Campbell
Sent: Tuesday, July
; oauth
Subject: RE: [OAUTH-WG] Proposed language for section 2.2 on Client
Assertions
So how do we resolve if the language goes into the spec?
Thanks,
Yaron
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Eran Hammer
A client_id parameter would still be presented in the end user
authorization request. The text Brian E. quoted is what mandates any
specifications/documents/agreements that define how to use client
assertions must also define the association between the client_id and
some field(s) in the
Makes sense. Personally, I don't have any preference on including it or not.
EHL
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Brian Campbell
Sent: Tuesday, July 27, 2010 5:49 AM
To: oauth
Subject: Re: [OAUTH-WG] Proposed language
The following is proposed language for inclusion in the spec as section 2.2. I
would like to thank Brian Campbell, Brain Eaton, Chuck Mortimore, Dirk Balfanz,
Eric Sachs, Justin Smith and Marius Scurtescu for taking the time to review and
improve this proposal. Please note that the named folks
On Mon, Jul 26, 2010 at 2:08 PM, Eran Hammer-Lahav e...@hueniverse.com wrote:
I understand that in many assertions, the client identifier is established
internally, but this approach will completely prevent using the assertion
client authentication method with other flows that involve getting a
Subject: Re: [OAUTH-WG] Proposed language for section 2.2 on Client
Assertions
On Mon, Jul 26, 2010 at 2:08 PM, Eran Hammer-Lahav
e...@hueniverse.com wrote:
I understand that in many assertions, the client identifier is
established internally, but this approach will completely prevent
On Mon, Jul 26, 2010 at 4:11 PM, Eran Hammer-Lahav e...@hueniverse.com wrote:
How do you link the client_id using in the authorization endpoint with the
client assertion using in the token endpoint?
In theory:
any document that defines how to use an assertion of a particular
type with OAuth