Would not kid do? Right, thumbprint has more semantics and has nice properties, but having too many ways is not good for interop.
Nat 2015-03-23 15:40 GMT+09:00 Brian Campbell <bcampb...@pingidentity.com>: > Do folks in the WG think there'd be utility in having a way to identity > the finger/thumbprint of a key in the cnf claim. A presenter might, for > example, present the JWT along with a public JWK and some > proof-of-possession of that JWK. And the JWK would be bound to the JWT via > the thumbprint, which is more space efficient (with respect to the JWT > anyway) than the full JWK. > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth