I was starting to code up the encoding of scope and wanted to clarify what the encoding is.
The text appears to say that the encoding is: scope = [ groupId: tstr, ?[* role : any ]] I was expecting this to be more along the lines of scope = [ + scope_item ] scopeItem = [ groupId: tstr, ?[* role : any ]] This would allow for more than one group to be identified in a single token which I think is important given some of the statements about only having a single token for a client. This does not solve the resource server having multiple audiences but that is fine. I am unsure if it makes sense to allow for the array to be removed for scope in the second example in the event that only one group is specified. One byte saved at the expense of more code. Jim _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace