Re: [OAUTH-WG] [Ace] PoP, Introspection and ACE

[John Bradley]

It is probably best to register “cnf” to match RFC 7600 so we don’t have two 
different structures one for JWT/CWT and one for introspection.

On the other hand introspected tokens are generally relatively custom in what 
claims they pass.

I will discuss it with Hannes.

John B.
> On Apr 16, 2016, at 6:42 PM, Samuel Erdtman  wrote:
> 
> Hi,
> 
> I'm working on the IANA section in 
> https://tools.ietf.org/html/draft-ietf-ace-oauth-authz 
> .
> 
> In https://tools.ietf.org/html/draft-ietf-ace-oauth-authz 
>  we want to have the 
> option to get the PoP parameters (alg, key and aud) via introspection e.g. if 
> using a reference token.
> 
> At the moment I wrote the registration text of the parameters in the ACE 
> specification but I think it would be preferable if 
> https://tools.ietf.org/html/draft-ietf-oauth-pop-key-distribution 
>  did the 
> registration for introspection too.
> 
> Comments?
> 
> //Samuel
> ___
> Ace mailing list
> a...@ietf.org
> https://www.ietf.org/mailman/listinfo/ace

___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

[OAUTH-WG] PoP, Introspection and ACE

[Samuel Erdtman]

Hi,

I'm working on the IANA section in
https://tools.ietf.org/html/draft-ietf-ace-oauth-authz.

In https://tools.ietf.org/html/draft-ietf-ace-oauth-authz we want to have
the option to get the PoP parameters (alg, key and aud) via introspection
e.g. if using a reference token.

At the moment I wrote the registration text of the parameters in the ACE
specification but I think it would be preferable if
https://tools.ietf.org/html/draft-ietf-oauth-pop-key-distribution did the
registration for introspection too.

Comments?

//Samuel
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth