OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] SAML assertion profile in OAuth 2.0?


> Section 5.2 - Assertion Profile
> 
> never says SAML but that's the intent (as described at IIW when WRAP was
> announced)

It has the separation I'd expect such that I don't see any compelling reason
to dictate what protocol(s) are used to acquire tokens of particular sorts.
Those can evolve as needed, that's really the best reason to break the flow
apart and not just use a more end-to-end SSO-like approach between the
service and the IdP (which I think is better anyway).

To the extent that this is attempting to replace WS-Trust or SAML as a
sufficient vehicle for requesting assertions, I don't think it's in the
ballpark as is.
 
-- Scott




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]