[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: SAML assertion profile in OAuth 2.0?
The WRAP spec [1] defines an 'assertion' profile as one means by which a WRAP client obtains an access token - this used for subsequent authentication of a service request The premise is that a WRAP client uses the (very under defined) profile to trade an assertion for a WRAP token (a la WS-Trust) As the OAuth community starts work on OAuth 2.0, David Recordon poses the question 'do we want to keep the SAML assertion profile?' http://daveman692.livejournal.com/349384.html Do we wish to argue? (one way or the other) Paul [1] - http://bit.ly/c21VCw [1
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]