[Openid-specs-authzen] Candidate spec for Implementer’s Draft (1.0), and draft of boxcarred requests (1.1)
David Brossard
david.brossard at gmail.com
Wed Jul 3 21:12:14 UTC 2024
Hi Omri,
I just realized the spec could use a bit more symmetry/consistency. For
instance, the resource category is described as
> A Resource is the target of an access request. It is a JSON ([RFC8259
> <https://openid.github.io/authzen/#RFC8259>]) object that is constructed
> similar to a Subject entity.¶
> <https://openid.github.io/authzen/#section-5.2-1>
>
The subject category does not allude to RFC8259 when in fact it
could/should. Thoughts? At the end of the day, subject and resource are
structurally equal/equivalent.
Thoughts?
On Tue, Jul 2, 2024 at 8:48 PM Omri Gazitt via Openid-specs-authzen <
openid-specs-authzen at lists.openid.net> wrote:
> Hi all!
>
> As discussed on the AuthZEN call today, I’ve updated the 1.0 spec and
> created a new 1.1 spec that adds the Access Evaluations (plural) API.
>
> https://openid.github.io/authzen/
>
>
> https://openid.github.io/authzen/authorization-api-1_1#name-access-evaluations-api
>
>
> The first spec (1.0) is what we are working towards making our first
> Implementer’s Draft. The second is meant to be a fast follower and adds
> support for boxcarred requests.
>
> Please open issues in GitHub for any comments or questions on either.
>
> Thanks,
> Omri.
>
>
> <http://www.aserto.com/>
>
> Omri Gazitt | CEO
>
> Aserto <http://www.aserto.com/> Inc. | (425) 765-0079
> --
> Openid-specs-authzen mailing list
> Openid-specs-authzen at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-authzen
>
--
---
David Brossard
http://www.linkedin.com/in/davidbrossard
http://twitter.com/davidjbrossard
http://about.me/brossard
---
Stay safe on the Internet: IC3 Prevention Tips
<https://www.capefearnetworks.com/wp-content/uploads/2017/05/Internet-Fraud-Prevention-Tips-IC3.pdf>
Prenez vos précautions sur Internet:
http://www.securite-informatique.gouv.fr/gp_rubrique34.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20240703/d5d89bd7/attachment.html>
More information about the Openid-specs-authzen
mailing list