Re: [OAUTH-WG] the meaning of audience in SAML vs. OAuth

2013-03-21 Thread Nat Sakimura
Prateek, At this point, I would like to be a bit cautious about changing the claim names as it would impact a bunch of implementations that are potentially being used by hundreds of millions of users now. I am more open to changing the text that defines "aud". Currently, it goes: 4.1.3. "aud" (Aud

Re: [OAUTH-WG] the meaning of audience in SAML vs. OAuth

2013-03-21 Thread prateek mishra
Agreed, Chuck - I need to respond to Brian's message of Feb 14 and suggest proposed text for the draft. I plan to get to it in the next day or two. - prateek Hey Prateek - and suggested improvements for the SAML Bearer draft? On Mar 21, 2013, at 1:28 PM, prateek mishra wrote: Mike, Nat -

Re: [OAUTH-WG] the meaning of audience in SAML vs. OAuth

2013-03-21 Thread Igor Faynberg
I have no problem with the replacement of "audience" by "recipient," but whether this suggestion is implemented or not, I would very much like to see Prateek's elegant explanation of SAML terms and their relation to those defined in OAuth retained somewhere in the document. This would help later

Re: [OAUTH-WG] the meaning of audience in SAML vs. OAuth

2013-03-21 Thread Chuck Mortimore
Hey Prateek - and suggested improvements for the SAML Bearer draft? On Mar 21, 2013, at 1:28 PM, prateek mishra wrote: > Mike, Nat - > > I am honestly not sure what to propose in terms of wording > clarification. has a specific meaning in SAML and that's different > from its current meaning in

Re: [OAUTH-WG] the meaning of audience in SAML vs. OAuth

2013-03-21 Thread prateek mishra
Mike, Nat - I am honestly not sure what to propose in terms of wording clarification. has a specific meaning in SAML and that's different from its current meaning in OAuth. This issue becomes even more confusing as the SAML assertion draft goes on to redefine the meaning of . Its processing rule

Re: [OAUTH-WG] the meaning of audience in SAML vs. OAuth

2013-03-14 Thread Nat Sakimura
well.. the aud term came from googler's use of the term and not saml. I agree with Prateek that the intention of the jwt:aud is rather similar to saml:destination. JWT is imposing the processing rule on it while saml:audience is mainly concerned about the liability. Nat 2013/3/15 Mike Jones : >

Re: [OAUTH-WG] the meaning of audience in SAML vs. OAuth

2013-03-14 Thread Mike Jones
The JWT meaning of the term "audience" is intended to be the same as SAML. Suggested wording clarifications would be welcomed. -- Mike -Original Message- From: prateek mishra [mailto:prateek.mis...@oracle.com] Sent: Thursday, March 14, 2013 11:53 AM To:

[OAUTH-WG] the meaning of audience in SAML vs. OAuth

2013-03-14 Thread prateek mishra
Hannes - you make a good point. I believe that the usage of "audience" in http://www.ietf.org/id/draft-ietf-oauth-json-web-token-06.txt also corresponds to rather than . [quote-jwt06] The aud (audience) claim identifies the audiences that the JWT is intended for. Each principal intended to pr