It took a bit of looking but Neil is correct and that some other document is RFC9200:
https://datatracker.ietf.org/doc/html/rfc9200#name-cbor-web-token-claims (last one in that section) which doesn't seem quite right. I would have expected the entry in the registry to point back to RFC9200, especially because it has details about the CWT scope claim (e.g., claim key value and additional binary encoding value) that are definitely not in RFC8693. But that seems to explain the state of that entry in the registry anyway. On Wed, Jan 24, 2024 at 11:45 AM Neil Madden <neil.e.mad...@gmail.com> wrote: > RFC8693 didn't register anything for CWT at all. Some other document has > registered scope for CWT and pointed at that RFC as the reference for some > reason. > > -- Neil > > On 24 Jan 2024, at 18:37, Orie Steele <orie@transmute.industries> wrote: > > I'm working on a document that has some similarity to EAT from RATS, in > that it is trying to enable JWT and CWT to be used for a use case. > > Is there a reason that RFC8693 registers "scope" and "client_id" for JWT, > but only "scope" for CWT ? > > - https://www.iana.org/assignments/jwt/jwt.xhtml > - https://www.iana.org/assignments/cwt/cwt.xhtml > > How can I use "client_id" in CWT ? > > OS > > -- > > ORIE STEELE > Chief Technology Officer > www.transmute.industries > <https://transmute.industries/> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
