Sorry for a later reply. <div><br></div><div>Right. And we should minimize referencing OAuth also. </div><div>Basic should be as self contained as possible. </div><div><br></div><div>Nat<br><br><div class="gmail_quote">2013/1/25 Mike Jones <span dir="ltr"><<a href="mailto:Michael.Jones@microsoft.com" target="_blank">Michael.Jones@microsoft.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">





<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">It’s not in bitbucket – but it’s in the about-to-be-released call notes.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I disagree that we should reference Messages.  The whole point of Basic and Implicit is for them to be self-contained.  If we were willing to tell people to
 just use Messages and Standard, we’d delete these (intentionally duplicative) specs.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I’ll send my proposed change to the list shortly.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">                                                                -- Mike<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> <a href="mailto:openid-specs-ab-bounces@lists.openid.net" target="_blank">openid-specs-ab-bounces@lists.openid.net</a> [mailto:<a href="mailto:openid-specs-ab-bounces@lists.openid.net" target="_blank">openid-specs-ab-bounces@lists.openid.net</a>]
<b>On Behalf Of </b>Pamela Dingle<br>
<b>Sent:</b> Thursday, January 24, 2013 10:42 AM<br>
<b>To:</b> <a href="mailto:openid-specs-ab@lists.openid.net" target="_blank">openid-specs-ab@lists.openid.net</a><br>
<b>Subject:</b> [Openid-specs-ab] Basic profile section 2.2.6.1<u></u><u></u></span></p><div><div class="h5">
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Hi all,<u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">We talked about basic profile section 2.2.6.1 on the call this morning,  and Mike agreed to add a bit more helpful text in there that echoes the existing recommendation in RFC 6749 section 3.2 on using the authorization header to authenticate
 the client vs. including client credentials in the post body of the request sent to the endpoint.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">On reading further, I think we could instead state that the possible ways that the client can authenticate to the Access Token Endpoint are listed in the Messages spec section 2.2.1, and that if a client is unsure which client authentication
 methods are supported, they can refer to a given openid provider's openid-configuration document, under the token_endpoint_auth_methods_supported element (described in Discovery section 3.2).    The nice thing about referring to the messages and discovery
 specs rather than directly to the OAuth spec is that it introduces our simple vocabulary for the different types of client authentication, gives us a place to insert more guidance in the future, and also ties in the relationship with the discovery doc, so
 that if a developer wants to be more sophisticated they know where to look.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Mike, if you've got something in bitbucket for this change let me know and I'll put this into the ticket rather than into email, I just wanted to get this on the record before I forgot.<u></u><u></u></p>

</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Cheers,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Pamela<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">-- <br>
<strong><span style="font-size:9.0pt;font-family:"Tahoma","sans-serif";color:#343634">Pamela Dingle</span></strong><span style="font-size:9.0pt;font-family:"Tahoma","sans-serif";color:#343634">  |  Sr. Technical Architect</span><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#2a2a2a"><br>

</span><strong><span style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:#343634">Ping</span></strong><strong><span style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:#e71939">Identity</span></strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#2a2a2a">  |  
<a href="http://www.pingidentity.com" target="_blank">www.pingidentity.com</a><br>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<br>
</span><strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#005568">O:</span></strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#2a2a2a"> </span><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#343634"><a href="tel:303-999-5890" value="+13039995890" target="_blank">303-999-5890</a></span><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#2a2a2a">   </span><strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#005568">M:</span></strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#2a2a2a"> </span><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#343634"><a href="tel:303-999-5890" value="+13039995890" target="_blank">303-999-5890</a></span><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#2a2a2a"><br>

</span><strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#005568">Email:</span></strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#2a2a2a"> <a href="mailto:pdingle@pingidentity.com" target="_blank">pdingle@pingidentity.com</a><br>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<u></u><u></u></span></p>
<table border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td nowrap valign="top" style="padding:0in 0in 0in 0in">
<div>
<p class="MsoNormal"><strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#005568">Connect with Ping</span></strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif""><br>

<span style>Twitter: @pingidentity</span><br>
<span style>LinkedIn Group: Ping's Identity Cloud</span>    <br>
<span style>Facebook.com/pingidentitypage</span></span><u></u><u></u></p>
</div>
</td>
<td nowrap valign="top" style="padding:0in 0in 0in 0in">
<div style="margin-left:15.0pt">
<p class="MsoNormal"><strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#005568">Connect with me</span></strong><span style="font-size:8.5pt;font-family:"Arial","sans-serif""><br>

<span style>Twitter: @pamelarosiedee</span></span><u></u><u></u></p>
</div>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div></div></div>
</div>

<br>_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Nat Sakimura (=nat)<div>Chairman, OpenID Foundation<br><a href="http://nat.sakimura.org/" target="_blank">http://nat.sakimura.org/</a><br>@_nat_en</div>
</div>