Thanks John for your reply, have you had time to discuss a way forward with Hannes.
I agree we should absolutely register cnf in introspection to go inline with RFC 7800. Since RFC 7800 is done it might be preferable to do the registration in the ACE specification that is the specification that needs it. //Samuel On Sun, Apr 17, 2016 at 1:23 AM, John Bradley <ve7...@ve7jtb.com> wrote: > It is probably best to register “cnf” to match RFC 7600 so we don’t have > two different structures one for JWT/CWT and one for introspection. > > On the other hand introspected tokens are generally relatively custom in > what claims they pass. > > I will discuss it with Hannes. > > John B. > > On Apr 16, 2016, at 6:42 PM, Samuel Erdtman <sam...@erdtman.se> wrote: > > Hi, > > I'm working on the IANA section in > https://tools.ietf.org/html/draft-ietf-ace-oauth-authz. > > In https://tools.ietf.org/html/draft-ietf-ace-oauth-authz we want to have > the option to get the PoP parameters (alg, key and aud) via introspection > e.g. if using a reference token. > > At the moment I wrote the registration text of the parameters in the ACE > specification but I think it would be preferable if > https://tools.ietf.org/html/draft-ietf-oauth-pop-key-distribution did the > registration for introspection too. > > Comments? > > //Samuel > _______________________________________________ > Ace mailing list > a...@ietf.org > https://www.ietf.org/mailman/listinfo/ace > > >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
