<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi all,<o:p></o:p>
<blockquote
cite="mid:4E1F6AAD24975D4BA5B1680429673943673F8646@TK5EX14MBXC284.redmond.corp.microsoft.com"
type="cite">
<div class="WordSection1">
<p class="MsoNormal"> Brian suggested possibly
separating support for fine-grained authorization from support
for signed parameters</p>
</div>
</blockquote>
<br>
I'm supporting this idea. I see the strong need for a fine-grained
specification of claims and the allocation of user claims to id
tokens, signing is (for us) typically not required. <br>
<br>
regards,<br>
Torsten.<br>
<br>
<blockquote
cite="mid:4E1F6AAD24975D4BA5B1680429673943673F8646@TK5EX14MBXC284.redmond.corp.microsoft.com"
type="cite">
<div class="WordSection1">
<p class="MsoNormal"><o:p></o:p></p>
<p class="MsoNormal"> Mike will write up a middle
ground Request Object proposal<o:p></o:p></p>
<p class="MsoNormal"> Parse request
parameters in request object but ignore claims sections<o:p></o:p></p>
<p class="MsoNormal"> Tim will
review proposal with Google team<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">New Open Issues:<o:p></o:p></p>
<p class="MsoNormal"> We went through most of the
new open issues and decided upon resolutions<o:p></o:p></p>
<p class="MsoNormal"> We didn't get through the
issues that are actually lists of comments<o:p></o:p></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Openid-specs-ab mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a>
</pre>
</blockquote>
<br>
</body>
</html>