+1 CWT should not add claims.
I also created an issue to register the claim with JWT. On Tue, Oct 31, 2017 at 9:08 PM, Mike Jones <[email protected]> wrote: > I agree that CWT shouldn't define claims beyond those that correspond to > the JWT claims. Other specs can do that via the registry established for > that purpose. > > -- Mike > ------------------------------ > *From:* Ace <[email protected]> on behalf of Jim Schaad < > [email protected]> > *Sent:* Tuesday, October 31, 2017 8:06:04 AM > *To:* Hannes Tschofenig; 'Samuel Erdtman' > > *Cc:* [email protected] > *Subject:* Re: [Ace] CWT - Scope Claim > > > I have an outstanding comment to the effect that I want a binary scope > value – specifically to allow for a CBOR encoded object – on the framework > document. > > > > In terms of defining it in this document rather than in the framework, my > first response would be ‘no’ only because this was designed to be a direct > copy of the JWT document and it was not defined there. Other than that I > would not care one way or the other. > > > > Jim > > > > > > *From:* Ace [mailto:[email protected]] *On Behalf Of *Hannes Tschofenig > *Sent:* Tuesday, October 31, 2017 2:58 AM > *To:* Samuel Erdtman <[email protected]> > *Cc:* [email protected] > *Subject:* Re: [Ace] CWT - Scope Claim > > > > Hi Samuel, > > > > You are correct that we should register it also with the JWT. > > > > Additionally, I wonder whether the string representation of the claim for > the CWT is the most efficient way to represent the scope. Shouldn’t we > rather use CBOR capabilities here since we are trying to optimize 2 bytes > in other areas? > > > > Ciao > > Hannes > > > > *From:* Samuel Erdtman [mailto:[email protected] <[email protected]>] > *Sent:* 31 October 2017 10:46 > *To:* Hannes Tschofenig > *Cc:* [email protected] > *Subject:* Re: [Ace] CWT - Scope Claim > > > > The framework does register a CWT 'scoop' claim, but I think it has to > register it with JWT too to be correct. > > > https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-08#section-8.5 > > > > //Samuel > > > > On Tue, Oct 31, 2017 at 10:28 AM, Hannes Tschofenig < > [email protected]> wrote: > > Hi all, > > > > I was wondering whether we should define a claim, scope, that captures the > scope that was granted by the authorization server. > > > > Ciao > > Hannes > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > > _______________________________________________ > Ace mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ace > > > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. >
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
