On Oct 22, 2018, at 20:49, Jim Schaad <i...@augustcellars.com> wrote: > > I did not like the idea of using key identifiers when linking together CWTs > for authorization purposes.
Right, they are not very useful as they don’t say anything about the authorization information that is attached to that key in a specific CWT. > As part of that discussion I came up with the idea of using the CWT > identifier instead since that is going to be specific to an AS. Sounds better. I would feel even better if I knew what exactly that scope “an AS” is (it is not represented in the CWT, so there is some misuse potential). > This draft is a brief description of the idea and I would like to know how > interested people would be in getting it finished. Will read it after the frenzy… Grüße, Carsten _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
