Hannes,
in my opinion, OAuth should stay a token-format independent protocol. So
intuitively, I would vote to work on this topic
within another group. Otherwise people might get the impression that
OAuth is directly tied to a certain token format.
regards,
Torsten.
Am 10.01.2011 10:19, schrieb Hannes Tschofenig:
Hi all,
Mike had posted a mail about version -01 of the JSON Web Token document:
http://www.ietf.org/mail-archive/web/oauth/current/msg04912.html
The usage of JSON and security applied to it became crucial to the work in
OAuth.
As we start our re-chartering it would be logical to add it to our charter as
well.
While this is my first choice there may be resistance in doing so since we
expand our charter quite a bit.
As a backup, I would therefore like to propose to (a) try to include it in the
OAuth re-chartering and (b) at the same time request a BOF at the next IETF
meeting.
Here is the charter writeup for the BOF:
http://ietherpad.com/ce7Vc6AAay
Interestingly enough there are others in the IETF who also want to standardize
JSON signing and encryption (but for other use cases). I am in contact with
them and will try to combine our effort to reach the goal faster.
Your comments on the charter writeup are appreciated.
Ciao
Hannes
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth