Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-18 Thread Nat Sakimura
ited to a single key for both >> asymmetric and symmetric?". This is pertinent because as I wrote in the >> first thread mentioned at >> http://www.ietf.org/mail-archive/web/oauth/current/msg14856.html, "Part >> of the reasoning for using a structured confirmation claim, rather than >> fla

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-18 Thread Brian Campbell
hold each confirmation key, using the same structure as "cnf"). > > -Original Message- > From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Kathleen Moriarty > Sent: Tuesday, August 11, 2015 3:00 PM > To: John Bradley > Cc: oauth > Subject: Re: [OAUTH-WG] confirmati

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-18 Thread Anthony Nadalin
hread “[OAUTH-WG] JWT PoP Key >> > Semantics WGLC followup 3 (was Re: confirmation model in >> > proof-of-possession-02)”, if different keys are being confirmed, >> > they can define additional claims other than “cnf” using the same >> > structur

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-11 Thread Kathleen Moriarty
web/oauth/current/msg14305.html in which he >> wrote "Is this proposal also limited to a single key for both asymmetric and >> symmetric?". This is pertinent because as I wrote in the first thread >> mentioned at >> http://www.ietf.org/mail-archive/web/oauth/current/msg14856.html, "Part of >&g

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-11 Thread John Bradley
ve/web/oauth/current/msg14856.html > <http://www.ietf.org/mail-archive/web/oauth/current/msg14856.html>, "Part of > the reasoning for using a structured confirmation claim, rather than > flattening the confirmation claim into the top-level JWT claims set, is that > a JWT ma

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-11 Thread Brian Campbell
> flattening the confirmation claim into the top-level JWT claims set, is > that a JWT may carry more than one conformation key or key descriptor" - > per Tony's use cases. John Bradley's note agreeing that flattening would > be a bad direction was a response to that. >

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-11 Thread Mike Jones
ny's use cases. John Bradley's note agreeing that flattening would be a bad direction was a response to that. -- Mike -----Original Message----- From: Kathleen Moriarty [mailto:kathleen.moriarty.i...@gmail.com] Sent: Tuesday, August 11, 2015 6:00 AM To: Mike Jon

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-11 Thread Kathleen Moriarty
this point. Thanks! Kathleen > > > > Thanks again, > > -- Mike > > > > From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Brian Campbell > Sent: Monday, March 23, 2015 9:07 AM > To: oauth > Subject:

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-08-10 Thread Mike Jones
. Thanks again, -- Mike From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Brian Campbell Sent: Monday, March 23, 2015 9:07 AM To: oauth Subject: [OAUTH-WG] confirmation model in proof-of

Re: [OAUTH-WG] confirmation model in proof-of-possession-02

2015-03-23 Thread Nat Sakimura
+1 =nat via iPhone 2015/03/23 11:07、Brian Campbell のメッセージ: > This is mostly about section 3.4 but also the whole draft. > > If "cnf" is intended to analogous to the SAML 2.0 SubjectConfirmation > element, it should probably contain an array value rather than an object > value. SAML allows no

[OAUTH-WG] confirmation model in proof-of-possession-02

2015-03-23 Thread Brian Campbell
This is mostly about section 3.4 but also the whole draft. If "cnf" is intended to analogous to the SAML 2.0 SubjectConfirmation element, it should probably contain an array value rather than an object value. SAML al