[Openid-specs-fastfed] FW: OAuth Metadata Specifications Enhanced

Phil Hunt phil.hunt at oracle.com
Wed Aug 3 21:52:35 UTC 2016


+1

Phil

@independentid
www.independentid.com <http://www.independentid.com/>phil.hunt at oracle.com <mailto:phil.hunt at oracle.com>





> On Aug 3, 2016, at 2:35 PM, Hardt, Dick via Openid-specs-fastfed <openid-specs-fastfed at lists.openid.net> wrote:
> 
> Agreed.
>  
> On 8/3/16, 2:06 PM, someone claiming to be "Openid-specs-fastfed on behalf of openid-specs-fastfed at lists.openid.net <mailto:openid-specs-fastfed at lists.openid.net>" <openid-specs-fastfed-bounces at lists.openid.net <mailto:openid-specs-fastfed-bounces at lists.openid.net> on behalf of openid-specs-fastfed at lists.openid.net <mailto:openid-specs-fastfed at lists.openid.net>> wrote:
>  
> I suspect that fastfed will want to take advantage of signed metadata as well.
>  
>                                                        -- Mike
>   <>
> From: Mike Jones 
> Sent: Wednesday, August 3, 2016 2:05 PM
> To: openid-specs-ab at lists.openid.net <mailto:openid-specs-ab at lists.openid.net>; Roland Hedberg <roland at catalogix.se <mailto:roland at catalogix.se>>
> Subject: FW: OAuth Metadata Specifications Enhanced
>  
> These OAuth 2.0 metadata updates contain features in part motivated by the OpenID Connect Federation spec – in particular, signed metadata.
>  
>                                                        -- Mike
>  
> From: Mike Jones 
> Sent: Wednesday, August 3, 2016 1:57 PM
> To: oauth at ietf.org <mailto:oauth at ietf.org>
> Subject: OAuth Metadata Specifications Enhanced
>  
> The existing OAuth 2.0 Authorization Server Metadata <https://tools.ietf.org/html/draft-ietf-oauth-discovery> specification has now been joined by a related OAuth 2.0 Protected Resource Metadata <https://tools.ietf.org/html/draft-jones-oauth-resource-metadata> specification.  This means that JSON metadata formats are now defined for all the OAuth 2.0 parties: clients, authorization servers, and protected resources.
>  
> The most significant addition to the OAuth 2.0 Authorization Server Metadata specification is enabling signed metadata, represented as claims in a JSON Web Token (JWT).  This is analogous to the role that the Software Statement plays in OAuth Dynamic Client Registration.  Signed metadata can also be used for protected resource metadata.
>  
> For use cases in which the set of protected resources used with an authorization server are enumerable, the authorization server metadata specification now defines the “protected_resources” metadata value to list them.  Likewise, the protected resource metadata specification defines an “authorization_servers” metadata value to list the authorization servers that can be used with a protected resource, for use cases in which those are enumerable.
>  
> The specifications are available at:
> ·         http://tools.ietf.org/html/draft-ietf-oauth-discovery-04 <http://tools.ietf.org/html/draft-ietf-oauth-discovery-04>
> ·         http://tools.ietf.org/html/draft-jones-oauth-resource-metadata-00 <http://tools.ietf.org/html/draft-jones-oauth-resource-metadata-00>
>  
> HTML-formatted versions are also available at:
> ·         http://self-issued.info/docs/draft-ietf-oauth-discovery-04.html <http://self-issued.info/docs/draft-ietf-oauth-discovery-04.html>
> ·         http://self-issued.info/docs/draft-jones-oauth-resource-metadata-00.html <http://self-issued.info/docs/draft-jones-oauth-resource-metadata-00.html>
>  
>                                                        -- Mike
>  
> P.S.  This notice was also posted at http://self-issued.info/?p=1591 <http://self-issued.info/?p=1591> and as @selfissued <https://twitter.com/selfissued>.
> _______________________________________________
> Openid-specs-fastfed mailing list
> Openid-specs-fastfed at lists.openid.net <mailto:Openid-specs-fastfed at lists.openid.net>
> http://lists.osuosl.org/mailman/listinfo/openid-specs-fastfed <http://lists.osuosl.org/mailman/listinfo/openid-specs-fastfed>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fastfed/attachments/20160803/969ed25f/attachment-0001.html>


More information about the Openid-specs-fastfed mailing list