I'd be open to a proposal for also supporting encryption. The draft was intended to be a starting point for productive discussion - not a finished product.
Your thoughts? -- Mike From: Dick Hardt [mailto:dick.ha...@gmail.com] Sent: Sunday, September 26, 2010 9:17 PM To: Mike Jones Cc: oauth@ietf.org Subject: Re: [OAUTH-WG] JSON Web Token (JWT) Specification Draft Did you intentionally decide not to support encrypting the token? On 2010-09-23, at 5:22 PM, Mike Jones wrote: Recognizing that there is substantial interest in representing sets of claims in JSON tokens, Yaron Goland and I have put together a draft JSON Web Token (JWT) spec for that purpose. To answer the obvious question, while this was produced independently of Dirk's JSON token proposal<http://balfanz.github.com/jsontoken-spec/draft-balfanz-jsontoken-00.html>, both of us agree that we should come up with a unified spec. Consider this an additional point in the possible design space from which to start discussions and drive consensus. (If you read the two proposals, I think you'll find that there's already a lot in common, which is great.) Thanks to those of you who have already given us feedback to improve the draft prior to this point. Cheers, -- Mike <jwt.html><jwt.xml>_______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth