> -----Original Message----- > From: Carsten Bormann <[email protected]> > Sent: Monday, October 22, 2018 12:09 PM > To: Jim Schaad <[email protected]> > Cc: [email protected] > Subject: Re: [Ace] FW: New Version Notification for draft-schaad-cnf-cwt-id- > 00.txt > > On Oct 22, 2018, at 20:49, Jim Schaad <[email protected]> wrote: > > > > I did not like the idea of using key identifiers when linking together CWTs > for authorization purposes. > > Right, they are not very useful as they don’t say anything about the > authorization information that is attached to that key in a specific CWT. > > > As part of that discussion I came up with the idea of using the CWT > identifier instead since that is going to be specific to an AS. > > Sounds better. I would feel even better if I knew what exactly that scope “an > AS” is (it is not represented in the CWT, so there is some misuse potential)
Actually this can be placed in a CWT as the issuer field. Jim . > > > This draft is a brief description of the idea and I would like to know how > interested people would be in getting it finished. > > Will read it after the frenzy… > > Grüße, Carsten _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
