IETF Logo Mail Archive

Re: [OAUTH-WG] First draft of OAuth 2.0

Mark Mcgloin <mark.mcgloin@ie.ibm.com> Tue, 23 March 2010 11:41 UTC

Return-Path: <mark.mcgloin@ie.ibm.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 26CC43A6801 for <oauth@core3.amsl.com>; Tue, 23 Mar 2010 04:41:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.172
X-Spam-Level: *
X-Spam-Status: No, score=1.172 tagged_above=-999 required=5 tests=[BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13, MIME_BASE64_BLANKS=0.041]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JYi9QYqUTEqe for <oauth@core3.amsl.com>; Tue, 23 Mar 2010 04:41:51 -0700 (PDT)
Received: from mtagate5.uk.ibm.com (mtagate5.uk.ibm.com [194.196.100.165]) by core3.amsl.com (Postfix) with ESMTP id 61C5F3A67FE for <oauth@ietf.org>; Tue, 23 Mar 2010 04:41:49 -0700 (PDT)
Received: from d06nrmr1806.portsmouth.uk.ibm.com (d06nrmr1806.portsmouth.uk.ibm.com [9.149.39.193]) by mtagate5.uk.ibm.com (8.13.1/8.13.1) with ESMTP id o2NBg5PK017284 for <oauth@ietf.org>; Tue, 23 Mar 2010 11:42:05 GMT
Received: from d06av04.portsmouth.uk.ibm.com (d06av04.portsmouth.uk.ibm.com [9.149.37.216]) by d06nrmr1806.portsmouth.uk.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id o2NBg5Kh1101936 for <oauth@ietf.org>; Tue, 23 Mar 2010 11:42:05 GMT
Received: from d06av04.portsmouth.uk.ibm.com (loopback [127.0.0.1]) by d06av04.portsmouth.uk.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id o2NBg5kL021145 for <oauth@ietf.org>; Tue, 23 Mar 2010 11:42:05 GMT
Received: from d06ml901.portsmouth.uk.ibm.com (d06ml901.portsmouth.uk.ibm.com [9.149.39.138]) by d06av04.portsmouth.uk.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id o2NBg4Ti021142 for <oauth@ietf.org>; Tue, 23 Mar 2010 11:42:04 GMT
In-Reply-To: <C7CDC567.288B%cmortimore@salesforce.com>
To: OAuth WG <oauth@ietf.org>
X-Mailer: Lotus Notes Release 7.0 HF400 February 20, 2008
Message-ID: <OFF96BDDB5.0F452F7D-ON802576EF.003FF4EA-802576EF.0040455E@ie.ibm.com>
From: Mark Mcgloin <mark.mcgloin@ie.ibm.com>
Date: Tue, 23 Mar 2010 11:42:03 +0000
X-MIMETrack: Serialize by Router on D06ML901/06/M/IBM(Release 8.0.2FP2|June 22, 2009) at 23/03/2010 11:42:04
MIME-Version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: base64
Subject: Re: [OAUTH-WG] First draft of OAuth 2.0
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2010 11:41:52 -0000

+1 for assertion profile. Was there any reason why it was dropped?

On 3/23/10, Chuck Mortimore wrote:
>Just getting a chance to review this – I apologize for not getting this
before the meeting started.

>We’d like to see some form of an Assertion Profile, similar to section 5.2
from draft-hardt-oauth-01.   We have strong customer use-cases for an
assertion based flow, specifically SAML bearer tokens, and I >believe
Microsoft may have already shipped a minor variation on this ( wrap_SAML )
in Azure.


Mark McGloin

v2.23.0 | Report a Bug | By Email