The recent discussion about whether or not to mandate using "crit" with the "b64" header <http://www.ietf.org/mail-archive/web/jose/current/msg05427.html> inspired me to look at the support for "crit" in my own implementation (which was, ahem, somewhat lacking). In doing so I went to add the "Negative Test Case for "crit" Header Parameter" from Appendix E <http://tools.ietf.org/html/rfc7515#appendix-E> and I noticed that the header name used in the text and the unencoded header is different than what's in the encoded JWS. It's "http://example.invalid/UNDEFINED"; in the former and "http://example.com/UNDEFINED"; in the latter. The intent of the test case is pretty clear but it's still inconsistent. Is this the kind of thing that should be an errata?
<http://tools.ietf.org/html/rfc7515#appendix-E>
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
