I'd be open to a proposal for also supporting encryption. The draft was
intended to be a starting point for productive discussion - not a finished
product.
Your thoughts?
-- Mike
From: Dick Hardt [mailto:[email protected]]
Sent: Sunday, September 26, 2010 9:17 PM
To: Mike Jones
Cc: [email protected]
Subject: Re: [OAUTH-WG] JSON Web Token (JWT) Specification Draft
Did you intentionally decide not to support encrypting the token?
On 2010-09-23, at 5:22 PM, Mike Jones wrote:
Recognizing that there is substantial interest in representing sets of claims
in JSON tokens, Yaron Goland and I have put together a draft JSON Web Token
(JWT) spec for that purpose.
To answer the obvious question, while this was produced independently of Dirk's
JSON token
proposal<http://balfanz.github.com/jsontoken-spec/draft-balfanz-jsontoken-00.html>,
both of us agree that we should come up with a unified spec. Consider this an
additional point in the possible design space from which to start discussions
and drive consensus. (If you read the two proposals, I think you'll find that
there's already a lot in common, which is great.)
Thanks to those of you who have already given us feedback to improve the draft
prior to this point.
Cheers,
-- Mike
<jwt.html><jwt.xml>_______________________________________________
OAuth mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
