Re: [OAUTH-WG] SD-JWT explicit guidance on parsing json strings

Thanks David, responses inline: On Fri, Oct 13, 2023 at 6:35 PM David Waite wrote: > > > On Oct 13, 2023, at 3:52 PM, Orie Steele > wrote: > > Inline (and sorry for repeating points / rambling) : > > On Fri, Oct 13, 2023 at 1:25 PM Brian Campbell > wrote: > >> That makes sense in principle

Re: [OAUTH-WG] SD-JWT explicit guidance on parsing json strings

> On Oct 13, 2023, at 3:52 PM, Orie Steele wrote: > > Inline (and sorry for repeating points / rambling) : > > On Fri, Oct 13, 2023 at 1:25 PM Brian Campbell > wrote: >> That makes sense in principle but is maybe not particularly actionable or >> helpful

Re: [OAUTH-WG] SD-JWT explicit guidance on parsing json strings

Inline (and sorry for repeating points / rambling) : On Fri, Oct 13, 2023 at 1:25 PM Brian Campbell wrote: > That makes sense in principle but is maybe not particularly actionable or > helpful guidance. The need to do some JSON parsing/processing prior to > signature verification is kinda

[OAUTH-WG] oauth - Requested sessions have been scheduled for IETF 118

Dear Rifaat Shekh-Yusef, The session(s) that you have requested have been scheduled. Below is the scheduled session information followed by the original request. oauth Session 1 (2:00 requested) Tuesday, 7 November 2023, Session III 1530-1630 Europe/Prague Room Name: Congress Hall

Re: [OAUTH-WG] SD-JWT explicit guidance on parsing json strings

That makes sense in principle but is maybe not particularly actionable or helpful guidance. The need to do some JSON parsing/processing prior to signature verification is kinda inherent to JWS itself. At a minimum the algorithm is in the header. And as you note, a key id or similar might also be