[OAUTH-WG] SAML 2.0 Bearer Assertion Profile for OAuth 2.0 draft

Brian Campbell <bcampbell@pingidentity.com> Thu, 15 July 2010 20:50 UTC

I'm going to join the growing list of people attaching a potential I-D
to an email due to the cut off time for the I-D submissions. Attached
is a draft that aims to tightly define the particular format of a SAML
2.0 bearer assertion in requesting an access token using the assertion
grant_type. I've been working with Chuck at Salesforce.com on this
and the primary goal is to have some documentation or specification
that is sufficient to facilitate interoperability between
independently developed implementations or products. This, of
course, wouldn't preclude using SAML in other ways - it would only
provide one concrete definition to implement against.

I intend to submit this as an I-D when the submission process reopens.
Any feedback from this group would be appreciated as well as
thoughts about this eventually becoming a working group draft.

Thanks,
Brian Campbell