JWT is a OAuth spec for historic reasons, so it might be best to discuss this on that list.
Are you talking about a unsigned JWT? JWT currently only supports the compact form. For access tokens that allows them to be passed in headers without additional escaping. I would need to see a use case before adding the JSON encoding to JWT. Nothing stops someone from using a JSON encoded JWS with a set of claims in the body, but that is not by definition a JWT on the wire. They can be converted between the two forms programatically. John B. On Nov 10, 2014, at 8:26 AM, Sergey Beryozkin <[email protected]> wrote: > Hi All, > > Would it make sense to have a JWT spec talk about its JSON representation, > example: > { > "headers": {...} > "claims": {...} > } > > IMHO it might be interesting in cases where JWT is an access token passed > over the secure channel or simply used as a standard data/token container > > Sergey > > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
