Carsten Bormann <[email protected]> writes: > On 2020-06-30, at 12:19, Olaf Bergmann <[email protected]> wrote: >> >> NEW: >> >> All CBOR data types are encoded in canonical CBOR as defined in >> Section 3.9 of {{RFC7049}}. This implies in particular that the >> `type` and `L` components use the minimum length encoding > > Note that 7049bis, which has been submitted to IESG already, all but > deprecates this and replaces this with “deterministic encoding”. > There is only one actual technical change, which is about map > ordering. Also, please check whether “preferred encoding” would > actually be enough. > > I would generally prefer to avoid the need for deterministic/canonical > encoding — is there really a need to re-encode the token?
There is no need to re-encode the token, and I do not expect that this would happen if the authorization server has used a finite length. I am more than happy to get rid of the ordering constraints on CBOR maps but I am not sure about referencing the -bis. Can we do that at this stage? Note: Up to now, we could even do without a normative reference to RFC 7049. Grüße Olaf _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
