Thanks, Mike. Leave the ECMAScript reference in the document. I indicated it as a DOWNREF in the my shepherd write-up and that should be fine.
Ciao Hannes On 04/23/2014 06:32 PM, Mike Jones wrote: > Replies inline... > > > > -----Original Message----- > From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Hannes Tschofenig > Sent: Wednesday, April 23, 2014 4:49 AM > To: oauth@ietf.org > Subject: [OAUTH-WG] Minor questions regarding > draft-ietf-oauth-json-web-token-19 > > > > Doing my shepherd write-up I had a few minor questions: > > > > * Could you move the RFC 6755 reference to the normative reference > section? Reason: the IANA consideration section depends on the existence > of the urn:ietf:params:oauth registry. > > > > OK > > > > * Could you move the JWK reference to the informative reference section? > > Reason: The JWK is only used in an example and not essential to the > implementation or understanding of the specification. > > > > OK > > > > * Would it be sufficient to reference RFC 7159 instead of the > [ECMAScript] reference? > > > > No. There’s no equivalent to Section 15.12 of ECMAScript about the > lexically last member name to reference in RFC 7159. See the usage in > the first paragraph of > http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-19#section-4. > > > > * The document registers 'urn:ietf:params:oauth:token-type' and it is > used in the "type" header parameter. > > > > The text, however, states that the value can also be set to jwt. Why > would someone prefer to use urn:ietf:params:oauth:token-type instead of > the much shorter jwt value? > > > > There are use cases, such as using JWTs as tokens in WS-Trust, where a > URI is needed. > > > > Ciao > > Hannes > > > > Thanks for doing this. > > > > -- Mike > > >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
