It's officially still up in the air, as the WG and its chairs are trying to
figure out whether the MAC draft is worth resurrecting as-is or if there's
another, more general solution to signing-based tokens that can work.
Current thinking, after a session at an IIW earlier today on this very
There's also this means of providing identifying instance information for a
single client registration:
http://tools.ietf.org/html/draft-richer-oauth-instance-00
This is solving a different need and can be used in tandem with, or in lieu of,
the dynamic registration per-client, depending on
Thanks, Eve!
Igor
On 10/23/2012 7:36 PM, Eve Maler wrote:
Hi Igor-- If you mean enabling (um) Grandma Goldie to delegate child
pickup duties to Tom the Taxi Driver after having been herself
delegated to pick up the child by Peter Parent, then -- as long as
we're focusing on policy-based
One thing I'd like us to explicitly consider is to take JWT and the JWT
Assertion Profile to working group last call. That would make particular sense
if the JOSE WG also takes the JOSE specs to WGLC at the same time, which I'm
asking them to consider doing in Atlanta.