Well, OpenID Connect has a section register JWT claims so it can't be too premature: http://openid.net/specs/openid-connect-core-1_0.html#IANA
However, private claims are often good enough for JWTs between a related AS and RS: http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-19#section-4.3 On Fri, Apr 25, 2014 at 3:04 PM, Bill Burke <bbu...@redhat.com> wrote: > > > On 4/25/2014 4:12 PM, Brian Campbell wrote: > >> >> IHMO getting everyone to agree on the specific claims etc. needed for a >> standardized JWT access token is a bit of a rat's nest, which is why >> there's not been much progress in that area. >> >> > I guess any IANA registry submissions for new JWT claims is premature > until an RFC is out for JWT? Or are people writing drafts for their own > personal claims? > > Thanks. > > > -- > Bill Burke > JBoss, a division of Red Hat > http://bill.burkecentral.com >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth