I just published a new I-D on the hyperlinked oauth that I talked at IETF 85. Since it was pointed out that the “_links” member…
View More Hyperlinked OAuthAuthor: Nat
[OAuth] Resource Owner != Client User
I have been preaching this numerous time, but let me do it once more. There seems to be a very common misperception that in OAuth…
View More [OAuth] Resource Owner != Client UserSupporting IMAP etc. poor-man’s way
There are multiple efforts that are going on to bring the federated identity to non-web protocols. At IETF, it is done in the kitten WG…
View More Supporting IMAP etc. poor-man’s wayCount Up API
As part of the PEAFIAMP project, we are supposed to come up with a way to provide the service providers (SP, RP) to find out…
View More Count Up APIRegistration of Attribute Server to the Authorization Server
As part of the PEAFIAMP project, we are now working on the Attribute Server – Authorization Server introduction. Here, “introduction” is done in the…
View More Registration of Attribute Server to the Authorization ServerOpenID Summit in Den Hague, Netherlands (Nov. 21)
The OpenID Foundation is hosting an OpenID workshop as a joint event with the Identity.Next Conference on November 21. It will be held in The…
View More OpenID Summit in Den Hague, Netherlands (Nov. 21)More on the privacy enhancement project (now PEOFIAMP)
When I wrote the previous post (US$1.5M project to bolster the privacy and security of the cyberspace), the English name of the project was not…
View More More on the privacy enhancement project (now PEOFIAMP)US$1.5M project to bolster the privacy and security of the cyberspace
National Institute of Informatics (NII), University of Tokyo, University of Kyoto, and Nomura Research Institute have jointly won a funding from Ministry of Communication with…
View More US$1.5M project to bolster the privacy and security of the cyberspaceURI Template in OpenID Connect Provider Configuration Response
OpenID Connect Provider Configuration Response for example.com can be obtained from https://example.com/issuer1/.well-known/openid-configuration This is a JSON file such as { “authorization_endpoint”: “https://server.example.com/connect/authorize”, “issuer”: “https://server.example.com”, “token_endpoint”:…
View More URI Template in OpenID Connect Provider Configuration ResponseJSON Schema enhanced OAuth
In the previous post, I wrote about HAL enhanced OAuth. Similar thing can be achieved by using JSON Schema. Many people claim that OAuth 2.0…
View More JSON Schema enhanced OAuth