27, 2010 5:49 AM
To: oauth
Subject: Re: [OAUTH-WG] Proposed language for section 2.2 on Client
Assertions
A client_id parameter would still be presented in the end user
authorization request. The text Brian E. quoted is what mandates any
specifications/documents/agreements that define
; oauth
Subject: RE: [OAUTH-WG] Proposed language for section 2.2 on Client
Assertions
So how do we resolve if the language goes into the spec?
Thanks,
Yaron
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Eran Hammer
A client_id parameter would still be presented in the end user
authorization request. The text Brian E. quoted is what mandates any
specifications/documents/agreements that define how to use client
assertions must also define the association between the client_id and
some field(s) in the
Makes sense. Personally, I don't have any preference on including it or not.
EHL
-Original Message-
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf
Of Brian Campbell
Sent: Tuesday, July 27, 2010 5:49 AM
To: oauth
Subject: Re: [OAUTH-WG] Proposed language
On Mon, Jul 26, 2010 at 2:08 PM, Eran Hammer-Lahav e...@hueniverse.com wrote:
I understand that in many assertions, the client identifier is established
internally, but this approach will completely prevent using the assertion
client authentication method with other flows that involve getting a
Subject: Re: [OAUTH-WG] Proposed language for section 2.2 on Client
Assertions
On Mon, Jul 26, 2010 at 2:08 PM, Eran Hammer-Lahav
e...@hueniverse.com wrote:
I understand that in many assertions, the client identifier is
established internally, but this approach will completely prevent
On Mon, Jul 26, 2010 at 4:11 PM, Eran Hammer-Lahav e...@hueniverse.com wrote:
How do you link the client_id using in the authorization endpoint with the
client assertion using in the token endpoint?
In theory:
any document that defines how to use an assertion of a particular
type with OAuth