What is the base specification? https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-03 ? I think that nonce and timestamp are protocol specific fields and that JOSE is not about protocols. There are no round-trips in JOSE. The cryptographic algorithms used in JOSE are secure enough without nounce and timestamp.
Axel -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Jim Schaad Sent: Friday, August 17, 2012 9:05 AM To: [email protected] Subject: [jose] POLL: Nonce/Timestamp parameter <CHAIR> If you voted at the face-2-face please do not vote again. If you want to provide comments please change the title from POLL to DISCUSS. Do we need to define a nonce/timestamp parameter in the base specification? Room vote: 6 yes, 0 no, 1 discuss _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
