[Openid-specs-ab] OpenID Connect and Identity Delegation

Nat Sakimura sakimura at gmail.com
Thu Mar 28 23:12:28 UTC 2013


It could, but then it should be included in 'aud' as well in JWT. We do not
seem to have propagated the language from the JWT to Connect. It may be a
bug.

Nat

2013/3/29 Brian Campbell <bcampbell at pingidentity.com>

> ...or can itself be an audience.
>
>
> On Thu, Mar 28, 2013 at 12:06 PM, Mike Jones <Michael.Jones at microsoft.com>wrote:
>
>>  An audience is a party that the token can be legally presented to.  The
>> authorized presenter (azp) is a party that can legally present the token to
>> those audiences.****
>>
>> ** **
>>
>>                                                                 -- Mike**
>> **
>>
>> ** **
>>
>> *From:* openid-specs-ab-bounces at lists.openid.net [mailto:
>> openid-specs-ab-bounces at lists.openid.net] *On Behalf Of *Brian Campbell
>> *Sent:* Thursday, March 28, 2013 11:00 AM
>> *To:* Matias Woloski
>> *Cc:* openid-specs-ab
>> *Subject:* Re: [Openid-specs-ab] OpenID Connect and Identity Delegation**
>> **
>>
>> ** **
>>
>> ** **
>>
>> On Thu, Mar 28, 2013 at 11:55 AM, Matias Woloski <matiasw at gmail.com>
>> wrote:****
>>
>> ** **
>>
>>    - What is the difference between having multiple audiences vs using
>>    azp?****
>>
>>   ** **
>>
>> FWIW, I've long had the same question.  Which is mentioned, among others
>> about azp, in
>> https://bitbucket.org/openid/connect/issue/830/what-is-azp-really  ****
>>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>


-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130329/d673cfee/attachment.html>


More information about the Openid-specs-ab mailing list