I just added the ballot for these drafts, can this be fixed quickly? Thanks. Kathleen
On Sun, Dec 13, 2015 at 11:07 PM, Mike Jones <michael.jo...@microsoft.com> wrote: > Good eye, James! Thanks for catching this. I’ll fix it right away. > > > > It turns out that examples are based on the trace captured in February 2013 > – well before the Xbox One launch in November 2013. I’d actually noticed > this then and had Xbox correct their code. But silly me, I failed to > uniformly correct it in the draft. > > > > Thanks again! > > -- Mike > > > > From: Manger, James [mailto:james.h.man...@team.telstra.com] > Sent: Sunday, December 13, 2015 8:04 PM > To: Mike Jones <michael.jo...@microsoft.com>; Kathleen Moriarty > <kathleen.moriarty.i...@gmail.com>; oauth@ietf.org > Subject: RE: [OAUTH-WG] implementations of > draft-ietf-oauth-proof-of-possession > > > > That value uses strings for expiry and not-before dates so it is not a valid > JWT; these dates need to be numbers. > > > > 3 of the examples in draft-ietf-oauth-proof-of-possession are similarly > invalid (“exp” and “iat”); 1 example gets it right. > > > > -- > > James Manger > > > > -----Original Message----- > From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Mike Jones > Sent: Monday, 14 December 2015 2:40 PM > To: Kathleen Moriarty <kathleen.moriarty.i...@gmail.com>; oauth@ietf.org > Subject: Re: [OAUTH-WG] implementations of > draft-ietf-oauth-proof-of-possession > > > > Yes. Xbox One and its partners have been using this since its launch. The > following token claims are from a production trace captured in early 2013: > > > > { > > "iss":"xas.xboxlive.com", > > "aud":"http://auth.xboxlive.com", > > "exp":"1361398824", > > "nbf":"1360189224", > > "cnf":{ > > "jwk":{ > > "kty":"EC", > > "use":"sig", > > "crv":"P-256", > > "x":"18wHLeIgW9wVN6VD1Txgpqy2LszYkMf6J8njVAibvhM", > > "y":"-V4dS4UaLMgP_4fY4j8ir7cl1TXlFdAgcx55o7TkcSA" > > } > > } > > } > > > > -- Mike > > > > -----Original Message----- > > From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Kathleen Moriarty > > Sent: Sunday, December 13, 2015 7:14 PM > > To: oauth@ietf.org > > Subject: [OAUTH-WG] implementations of draft-ietf-oauth-proof-of-possession > > > > Hi, > > > > Are there any implementations of draft-ietf-oauth-proof-of-possession? > > > > Thanks! > > > > -- > > > > Best regards, > > Kathleen > > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth -- Best regards, Kathleen _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth