Might actually want both @ same time, so might be better to expand -----Original Message----- From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of hdknr hidelafoglia Sent: Tuesday, September 21, 2010 12:39 PM To: Yaron Goland Cc: oauth Subject: Re: [OAUTH-WG] OAuth Signature Draft Pre 00
Hi, If Crypto segment has a switch parameters of encryption or signature, JSON Token seems to handle encrypted token as well as signed token. --- hdknr 2010/8/31 Yaron Goland <yar...@microsoft.com>: > BTW, Nat and I, as mentioned below, are talking. Here is my current draft. > Please keep in mind that it's really just a set of notes trying to > capture all the issues involved in creating a secure token format so > it's a bit dense. My hope is that once all the issues are captured it > can be completely re-written to be in something that looks more like > English and is easier for actual implementers to follow. But for now I > think it gives a good sense of the some of the security challenges in > creating a secure token format. > > Yaron > > > > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf > Of Nat Sakimura > Sent: Tuesday, August 24, 2010 6:50 AM > To: oauth > Subject: [OAUTH-WG] OAuth Signature Draft Pre 00 > > > > Hi. > > > > It has been a few weeks since then I volunteered to do this work. > > I have written up to this pre 00 draft then have been doing some > reality checks on some script languages etc. > > > > No. This pre-00 draft is far from being feature complete. > > I still need to copy and paste the Magic Signatures text etc. > > Also, I should add how this spec is being used in some of the major flows. > > > > However, since I will not be able to work on it this week, I thought > it would be worthwhile to share this early draft so that you have some > clarity into the progress. > > > > Apparently, Yaron has been working on it as well. We will compare the > notes and try to merge, I hope. > > > > So, here it is! > > > > #For those of you who have seen the private draft, it has not been > changed since July 31. > > > > Best, > > > > =nat > > > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth