On 11/12/2012 10:09 PM, Phil Hunt wrote:
> Leif,
>
> I've read this a couple of times and I think I'm getting lost in
> partial SAML vs. OAuth terminology. As a result, I thought you were
> saying:
>
> 1. It isn't practical to issue client credentials even with Dynamic
> Registration
> 2. You want
Leif,
I've read this a couple of times and I think I'm getting lost in partial SAML
vs. OAuth terminology. As a result, I thought you were saying:
1. It isn't practical to issue client credentials even with Dynamic Registration
2. You want to re-use key management already in place with OAuth2.
I promised to send a UC to the list as input to the discussion around new
token formats.
---
Several large-scale deployments of public-key use a "bag-of-keys" model
for key management: you stick endpoint information together with public
keys for those endpoints in a signable container which is th