Small comment. If you use CBOR to transport a token, then it is easy to hash it because it is always going to be the raw bytes. If you use JSON to transport a token then it will be the raw bytes for a JWT, but it would be a base64url encoded value for a CWT. This means that the hash might not get the correct answer.
Jim _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace