>>
>> I would generally prefer to avoid the need for deterministic/canonical
>> encoding — is there really a need to re-encode the token?
>
> There is no need to re-encode the token, and I do not expect that this
> would happen if the authorization server has used a finite length.
So would we be better off with:
info = [
type : tstr,
L : uint,
access_token: bytes
]
Where access_token is the token in original encoding? No need to re-encode the
token then.
> I am more than happy to get rid of the ordering constraints on CBOR maps
> but I am not sure about referencing the -bis. Can we do that at this
> stage?
Both documents are in IESG processing, specifically:
dtls-authorize: AD Evaluation::External Party
7049bis: Publication Requested
Potential emergency escape: reference Section 10 of rfc8152bis-struct (which is
even further along at IESG Evaluation::Revised I-D Needed).
> Note: Up to now, we could even do without a normative reference to RFC 7049.
Yes, but that’s cheating (indirect normative reference through 8610).
Grüße, Carsten
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
