[Openid-specs-ab] OpenID Connect and Identity Delegation

Nat Sakimura sakimura at gmail.com
Thu Mar 28 23:25:54 UTC 2013


+1 ID Token without azp is equivalent to say, "azp":"*". That's what we
call as bearer. In essence, azp is scoping the "from" and aud is scoping
the "to".

As to the text itself is concerned, there has been a request from Breno on
the text, however, and we should take that into account as well.

Nat


2013/3/29 Tim Bray <tbray at textuality.com>

> I agree with Mike’s characterization. Why not include that exact sentence
> in the spec?
>
>
> On Thu, Mar 28, 2013 at 11:06 AM, Mike Jones <Michael.Jones at microsoft.com>wrote:
>
>>  An audience is a party that the token can be legally presented to.  The
>> authorized presenter (azp) is a party that can legally present the token to
>> those audiences.****
>>
>> ** **
>>
>>                                                                 -- Mike**
>> **
>>
>> ** **
>>
>> *From:* openid-specs-ab-bounces at lists.openid.net [mailto:
>> openid-specs-ab-bounces at lists.openid.net] *On Behalf Of *Brian Campbell
>> *Sent:* Thursday, March 28, 2013 11:00 AM
>> *To:* Matias Woloski
>> *Cc:* openid-specs-ab
>> *Subject:* Re: [Openid-specs-ab] OpenID Connect and Identity Delegation**
>> **
>>
>> ** **
>>
>> ** **
>>
>> On Thu, Mar 28, 2013 at 11:55 AM, Matias Woloski <matiasw at gmail.com>
>> wrote:****
>>
>> ** **
>>
>>    - What is the difference between having multiple audiences vs using
>>    azp?****
>>
>>   ** **
>>
>> FWIW, I've long had the same question.  Which is mentioned, among others
>> about azp, in
>> https://bitbucket.org/openid/connect/issue/830/what-is-azp-really  ****
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>
>>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>


-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130329/086c1600/attachment-0001.html>


More information about the Openid-specs-ab mailing list