Good start here Mike! One quick question - I see the "cnf" member is defined as a JWK. Why not a JWK Set? I could see use-cases for binding in multiple keys.
-cmort On Tue, Apr 1, 2014 at 8:36 PM, Mike Jones <[email protected]>wrote: > I've written a concise Internet-Draft on proof-of-possession for JWTs > with John Bradley and Hannes Tschofenig. Quoting from the abstract: > > > > *This specification defines how to express a declaration in a JSON Web > Token (JWT) that the presenter of the JWT possesses a particular key and > that the recipient can cryptographically confirm proof-of-possession of the > key by the presenter. This property is also sometimes described as the > presenter being a holder-of-key.* > > > > This specification intentionally does not specify the means of > communicating the proof-of-possession JWT, nor the messages used to > exercise the proof key, as these are necessarily application-specific. > Rather, this specification defines a proof-of-possession JWT data structure > to be used by other specifications that do define those things. > > > > The specification is available at: > > · > http://tools.ietf.org/html/draft-jones-oauth-proof-of-possession-00 > > > > An HTML formatted version is available at: > > · > http://self-issued.info/docs/draft-jones-oauth-proof-of-possession-00.html > > > > -- Mike > > > > P.S. This note was also posted at http://self-issued.info/?p=1210 and as > @selfissued. > > > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > >
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
