My guess is that this is an early mistake that has not been noticed, it has been like this from the first draft.
I think the correct thing would be to change it so that CWT reflects JWT. //Samuel On Tue, Oct 31, 2017 at 10:27 AM, Hannes Tschofenig < [email protected]> wrote: > Hi all, > > > > in https://datatracker.ietf.org/doc/rfc7519/?include_text=1 (section > 4.1.3), “aud” is defined for JWT as being an array of case-sensitive > strings, or a single string. > > > > In https://datatracker.ietf.org/doc/draft-ietf-ace-cbor-web- > token/?include_text=1 (section 3.1.3), “aud” is defined for CWT as being > like in JWT, but “the value is of type StringOrURI”. > > > > I was wondering how we arrived at this point where the CWT and the JWT > differ in this regard. > > > > Ciao > > Hannes > > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > _______________________________________________ > Ace mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ace > >
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
