Hi, If Crypto segment has a switch parameters of encryption or signature, JSON Token seems to handle encrypted token as well as signed token.
--- hdknr 2010/8/31 Yaron Goland <[email protected]>: > BTW, Nat and I, as mentioned below, are talking. Here is my current draft. > Please keep in mind that it's really just a set of notes trying to capture > all the issues involved in creating a secure token format so it's a bit > dense. My hope is that once all the issues are captured it can be completely > re-written to be in something that looks more like English and is easier for > actual implementers to follow. But for now I think it gives a good sense of > the some of the security challenges in creating a secure token format. > > Yaron > > > > From: [email protected] [mailto:[email protected]] On Behalf Of > Nat Sakimura > Sent: Tuesday, August 24, 2010 6:50 AM > To: oauth > Subject: [OAUTH-WG] OAuth Signature Draft Pre 00 > > > > Hi. > > > > It has been a few weeks since then I volunteered to do this work. > > I have written up to this pre 00 draft then have been doing some reality > checks on some script languages etc. > > > > No. This pre-00 draft is far from being feature complete. > > I still need to copy and paste the Magic Signatures text etc. > > Also, I should add how this spec is being used in some of the major flows. > > > > However, since I will not be able to work on it this week, I thought it > would be worthwhile to share this early draft so that you have some clarity > into the progress. > > > > Apparently, Yaron has been working on it as well. We will compare the notes > and try to merge, I hope. > > > > So, here it is! > > > > #For those of you who have seen the private draft, it has not been changed > since July 31. > > > > Best, > > > > =nat > > > > > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
