Thanks Ludwig, -31 is improved with regard to my previous concerns about
'exi'
On Sat, Jan 18, 2020 at 9:22 AM Ludwig Seitz wrote:
> On 2020-01-13 22:01, Brian Campbell wrote:
> > Thanks for the updates Lugwig,
> >
> > Section 6.6. does propose one mitigation for the unbounded memory growth
> >
On 2020-01-13 22:01, Brian Campbell wrote:
Thanks for the updates Lugwig,
Section 6.6. does propose one mitigation for the unbounded memory growth
problem. However, it relies on the AS to do pretty specific things with
the content of other claims for it to even be possible for an RS to
perform t
;
> *From:* Ace *On Behalf Of *Brian Campbell
> *Sent:* den 10 januari 2020 21:57
> *To:* Ludwig Seitz
> *Cc:* Roman Danyliw ; jwt-reg-rev...@ietf.org; Jim Schaad <
> i...@augustcellars.com>; The IESG ; ace@ietf.org;
> drafts-lastc...@iana.org; Benjamin Kaduk
> *Subject:*
Danyliw ; jwt-reg-rev...@ietf.org; Jim Schaad
; The IESG ; ace@ietf.org;
drafts-lastc...@iana.org; Benjamin Kaduk
Subject: Re: [Ace] [Jwt-reg-review] Requested review for IANA registration in
draft-ietf-ace-oauth-authz
I'm really struggling with understanding what the value of an "a
I'm really struggling with understanding what the value of an "ace_profile"
claim actually would be in a JWT. A JSON string that's the profile name
(though 5.6.4.3 maybe prohibits that)? A JSON number that's an integer
matching the CBOR Value? Something else?
Is the value of "exi" in a JWT a JSON