| < draft-ietf-oauth-saml2-bearer-11.txt | draft-ietf-oauth-saml2-bearer-12.txt > | |||
|---|---|---|---|---|
| B. Campbell, Ed. | B. Campbell, Ed. | |||
| Internet-Draft Ping Identity | Internet-Draft Ping Identity | |||
| Intended status: Standards Track C. Mortimore | Intended status: Standards Track C. Mortimore | |||
| Expires: October 28, 2012 Salesforce | Expires: November 4, 2012 Salesforce | |||
| April 26, 2012 | May 3, 2012 | |||
| SAML 2.0 Bearer Assertion Profiles for OAuth 2.0 | SAML 2.0 Bearer Assertion Profiles for OAuth 2.0 | |||
| draft-ietf-oauth-saml2-bearer-11 | draft-ietf-oauth-saml2-bearer-12 | |||
| Abstract | Abstract | |||
| This specification defines the use of a SAML 2.0 Bearer Assertion as | This specification defines the use of a SAML 2.0 Bearer Assertion as | |||
| a means for requesting an OAuth 2.0 access token as well as for use | a means for requesting an OAuth 2.0 access token as well as for use | |||
| as a means of client authentication. | as a means of client authentication. | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| skipping to change at page 1, line 33 ¶ | skipping to change at page 1, line 33 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on October 28, 2012. | This Internet-Draft will expire on November 4, 2012. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2012 IETF Trust and the persons identified as the | Copyright (c) 2012 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 11, line 27 ¶ | skipping to change at page 11, line 27 ¶ | |||
| o Change controller: IETF | o Change controller: IETF | |||
| o Description: [[this document]] | o Description: [[this document]] | |||
| 7. References | 7. References | |||
| 7.1. Normative References | 7.1. Normative References | |||
| [I-D.ietf-oauth-assertions] | [I-D.ietf-oauth-assertions] | |||
| Mortimore, C., Ed., Jones, M., Campbell, B., and Y. | Jones, M., Campbell, B., and Y. Goland, "OAuth 2.0 | |||
| Goland, "OAuth 2.0 Assertion Profile", | Assertion Profile", draft-ietf-oauth-assertions-03 (work | |||
| draft-ietf-oauth-assertions-02 (work in progress), | in progress), May 2012. | |||
| April 2012. | ||||
| [I-D.ietf-oauth-urn-sub-ns] | [I-D.ietf-oauth-urn-sub-ns] | |||
| Tschofenig, H., "An IETF URN Sub-Namespace for OAuth", | Tschofenig, H., "An IETF URN Sub-Namespace for OAuth", | |||
| draft-ietf-oauth-urn-sub-ns-02 (work in progress), | draft-ietf-oauth-urn-sub-ns-02 (work in progress), | |||
| January 2012. | January 2012. | |||
| [I-D.ietf-oauth-v2] | [I-D.ietf-oauth-v2] | |||
| Hammer-Lahav, E., Recordon, D., and D. Hardt, "The OAuth | Hammer-Lahav, E., Recordon, D., and D. Hardt, "The OAuth | |||
| 2.0 Authorization Protocol", draft-ietf-oauth-v2-25 (work | 2.0 Authorization Framework", draft-ietf-oauth-v2-26 (work | |||
| in progress), March 2012. | in progress), May 2012. | |||
| [OASIS.saml-core-2.0-os] | [OASIS.saml-core-2.0-os] | |||
| Cantor, S., Kemp, J., Philpott, R., and E. Maler, | Cantor, S., Kemp, J., Philpott, R., and E. Maler, | |||
| "Assertions and Protocol for the OASIS Security Assertion | "Assertions and Protocol for the OASIS Security Assertion | |||
| Markup Language (SAML) V2.0", OASIS Standard saml-core- | Markup Language (SAML) V2.0", OASIS Standard saml-core- | |||
| 2.0-os, March 2005. | 2.0-os, March 2005. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
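Review bot: In the [I-D.ietf-oauth-assertions] entry, the -12 column drops "Mortimore, C., Ed." from the author list along with the bump from -02 to -03, while the Appendix B entry for -12 mentions only the version updates. Confirm the author list matches draft-ietf-oauth-assertions-03 as published. The same check applies to the [I-D.ietf-oauth-v2] title change from "Authorization Protocol" to "Authorization Framework", which accompanies the -25 to -26 bump.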
| skipping to change at page 12, line 43 ¶ | skipping to change at page 12, line 42 ¶ | |||
| document: Paul Madsen, Patrick Harding, Peter Motykowski, Eran | document: Paul Madsen, Patrick Harding, Peter Motykowski, Eran | |||
| Hammer, Peter Saint-Andre, Ian Barnett, Eric Fazendin, Torsten | Hammer, Peter Saint-Andre, Ian Barnett, Eric Fazendin, Torsten | |||
| Lodderstedt, Susan Harper, Scott Tomilson, Scott Cantor, Michael B. | Lodderstedt, Susan Harper, Scott Tomilson, Scott Cantor, Michael B. | |||
| Jones, Hannes Tschofenig, David Waite, Phil Hunt, and Mukesh | Jones, Hannes Tschofenig, David Waite, Phil Hunt, and Mukesh | |||
| Bhatnagar. | Bhatnagar. | |||
| Appendix B. Document History | Appendix B. Document History | |||
| [[ to be removed by RFC editor before publication as an RFC ]] | [[ to be removed by RFC editor before publication as an RFC ]] | |||
| draft-ietf-oauth-saml2-bearer-12 | ||||
| o updated reference to draft-ietf-oauth-v2 from -25 to -26 and | ||||
| draft-ietf-oauth-assertions from -02 to -03 | ||||
| draft-ietf-oauth-saml2-bearer-11 | draft-ietf-oauth-saml2-bearer-11 | |||
| o Removed text about limited lifetime access tokens and the SHOULD | o Removed text about limited lifetime access tokens and the SHOULD | |||
| NOT on issuing refresh tokens. The text was moved to | NOT on issuing refresh tokens. The text was moved to | |||
| draft-ietf-oauth-assertions-02 and somewhat modified per | draft-ietf-oauth-assertions-02 and somewhat modified per | |||
| http://www.ietf.org/mail-archive/web/oauth/current/msg08298.html. | http://www.ietf.org/mail-archive/web/oauth/current/msg08298.html. | |||
| o Fixed typo/missing word per | o Fixed typo/missing word per | |||
| http://www.ietf.org/mail-archive/web/oauth/current/msg08733.html. | http://www.ietf.org/mail-archive/web/oauth/current/msg08733.html. | |||
| skipping to change at page 14, line 50 ¶ | skipping to change at page 15, line 5 ¶ | |||
| o Added "case sensitive" to scope definition to align with | o Added "case sensitive" to scope definition to align with | |||
| draft-ietf-oauth-v2-15/16. | draft-ietf-oauth-v2-15/16. | |||
| o Updated to reference draft-ietf-oauth-v2-16 | o Updated to reference draft-ietf-oauth-v2-16 | |||
| draft-ietf-oauth-saml2-bearer-03 | draft-ietf-oauth-saml2-bearer-03 | |||
| o Cleanup of some editorial issues. | o Cleanup of some editorial issues. | |||
| draft-ietf-oauth-saml2-bearer-02 | ||||
| o Added scope parameter with text copied from draft-ietf-oauth-v2-12 | o Added scope parameter with text copied from draft-ietf-oauth-v2-12 | |||
| (the reorg of draft-ietf-oauth-v2-12 made it so scope wasn't | (the reorg of draft-ietf-oauth-v2-12 made it so scope wasn't | |||
| really inherited by this spec anymore) | really inherited by this spec anymore) | |||
| o Change definition of the assertion parameter to be more generally | o Change definition of the assertion parameter to be more generally | |||
| applicable per the suggestion near the end of | applicable per the suggestion near the end of | |||
| http://www.ietf.org/mail-archive/web/oauth/current/msg05253.html | http://www.ietf.org/mail-archive/web/oauth/current/msg05253.html | |||
| o Editorial changes based on feedback | o Editorial changes based on feedback | |||
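Review bot: The "draft-ietf-oauth-saml2-bearer-02" heading in Appendix B appears only in the -11 column, so in -12 the "Added scope parameter" item and those after it read as part of the -03 entry. The Appendix B entry for -12 lists only reference updates, so check whether the heading was dropped unintentionally or is a pagination artifact of the diff (this hunk moves from page 14 to page 15), and restore it if it is missing from the -12 text.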
| End of changes. 7 change blocks. | ||||
| 11 lines changed or deleted | 14 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/