What is the X.1252 definition? -- Mike
From: Nat Sakimura Sent: December 23, 2012 10:09 AM To: =JeffH CC: Mike Jones, IETF oauth WG Subject: Re: [OAUTH-WG] review: draft-ietf-oauth-json-web-token-05 Re definition of 'claim', as JWT is supposed to be generic, it may be better to go with the definition of X.1252 rather than OIDC. =nat via iPhone Dec 24, 2012 2:42、=JeffH <[email protected]> のメッセージ: > > > Thanks for the replies, Jeff. They make sense. Particularly, thanks for > > the "JSON Text Object" suggestion. > > welcome, glad they made some sense. > > similarly, if one employs JSON arrays, I'd define a "JSON text array". > > > > For the "claims" definition, I'm actually prone to go with definitions based > > on those in > > http://openid.net/specs/openid-connect-messages-1_0-13.html#terminology - > > specifically: > > > > Claim > > A piece of information about an Entity that a Claims Provider asserts about > > that Entity. > > Claims Provider > > A system or service that can return Claims about an Entity. > > End-User > > A human user of a system or service. > > Entity > > Something that has a separate and distinct existence and that can be > > identified in context. An End-User is one example of an Entity. > > well, it seems to me, given the manner in which the JWT spec is written, one > can make the case that JWT claims in general aren't necessarily about an > Entity (as the latter term is used in the context of the OpenID Connect > specs), rather they're in general simply assertions about something(s). this > is because all pre-defined JWT claim types are optional and all JWT semantics > are left up to specs that profile (aka re-use) the JWT spec. > > HTH, > > =JeffH > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
