[WG-UMA] OpenID AB discussion about how to handle trusted claims living anywhere
eve at xmlgrrl.com
Tue Mar 15 08:59:03 EDT 2011
Check out the thread here:
Very important stuff. From the UMA side, I think we'd still have the same concerns: UMA-protecting trusted claims (vs. merely OAuth-protecting them) in a relatively straightforward fashion, plus our special use case for gathering trusted claims in UMA Step 2 for associating authorizations with the requester's access token. If the AB solution drifts away from the basic OAuth design pattern, we'll have a tougher time of it, but it seems the folks in this discussion are taking existing OAuth deployment pressures into account.
Eve Maler http://www.xmlgrrl.com/blog
+1 425 345 6756 http://www.twitter.com/xmlgrrl
More information about the WG-UMA