Hi all, doing my shepherd writeup of some of the OAuth WG documents I was wondering how the extensibility story for these JSON-based documents should look like given a statement like this: "Implementations MUST understand the entire contents of the header; otherwise, the JWS MUST be rejected."
Absent a "feature discovery" mechanism I am curious whether any extension is actually possible. (Funny enough then all individual parameters then say "This header parameter is OPTIONAL.") Since this type of extensibility feature does not seem to a be a new concept I am curious how it has been handled (successfully) in other specifications. Ciao Hannes PS: I remember that this has been discussed during the meeting but I do not know what the outcome of the discussion was. The meeting minutes do not seem to be available yet. _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
