A key thumbprint value can be used as the value of the “cnf” “kid” member to
achieve this.
-- Mike
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Brian Campbell
Sent: Sunday, March 22, 2015 11:41 PM
To: oauth
Subject: [OAUTH-WG] proof-of-possession-02 cnf via key thumbprint?
Do folks in the WG think there'd be utility in having a way to identity the
finger/thumbprint of a key in the cnf claim. A presenter might, for example,
present the JWT along with a public JWK and some proof-of-possession of that
JWK. And the JWK would be bound to the JWT via the thumbprint, which is more
space efficient (with respect to the JWT anyway) than the full JWK.
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
