> Jim Schaad
> Cc: ace@ietf.org
> Subject: RE: [Ace] Parameter abbreviation number ranges for
draft-ietf-ace-
> oauth-authz
>
> Especially in light of the possibility of signed requests along the lines
of
> https://tools.ietf.org/html/draft-ietf-oauth-jwsreq-16, I believe th
On 2018-08-28 18:44, Mike Jones wrote:
Especially in light of the possibility of signed requests along the
lines of https://tools.ietf.org/html/draft-ietf-oauth-jwsreq-16, I
believe that all the ACE OAuth parameters should be registered as CWT
claims.
Ok.
I'll repeat my request, wearing my
On 2018-08-27 18:39, Samuel Erdtman wrote:
+1 on pushing up error_description and error_uri
I think client_id might be worth keeping low since it is often used even
when in combination with client_secret. See OAuth Mtls as an example.
On Mon, 27 Aug 2018 at 18:20, Jim Schaad
On 2018-08-27 18:19, Jim Schaad wrote:
-Original Message-
Background:
CBOR integers have a very compact representation (1 byte) for numbers from
0-23, from 24-255 (which is all we will ever need ;-) ) they use 2 bytes.
~snip~
client_id 24
client_secret 25
response_type 26
gt; > From: Ace On Behalf Of Ludwig Seitz
> > Sent: Monday, August 27, 2018 12:52 AM
> > To: ace@ietf.org
> > Subject: [Ace] Parameter abbreviation number ranges for
> draft-ietf-ace-oauth-
> > authz
> >
> > Hello group,
> >
> > at IETF 102 there
> -Original Message-
> From: Ace On Behalf Of Ludwig Seitz
> Sent: Monday, August 27, 2018 12:52 AM
> To: ace@ietf.org
> Subject: [Ace] Parameter abbreviation number ranges for
draft-ietf-ace-oauth-
> authz
>
> Hello group,
>
> at IETF 102 there was a
Hello group,
at IETF 102 there was a discussion about the numerical abbreviations we
introduced for both OAuth parameter names and access token claim names.
I have generated a proposal that makes better use of the number space,
but I'd like the OAuth specialists to have a look at it and see
