-- Mike
From: John Bradley [mailto:ve7...@ve7jtb.com<mailto:ve7...@ve7jtb.com>]
Sent: Tuesday, August 11, 2015 4:05 PM
To: Mike Jones
Cc: Brian Campbell; oauth
Subject: Re: [OAUTH-WG] proof-of-possession-02 unencrypted oct JWK in encrypted
JWT okay?
OK
On Aug 11, 2015, at 12:57 AM, Mik
feedback, Brian!
>
>
>
> -- Mike
>
>
>
> *From:* John Bradley [mailto:ve7...@ve7jtb.com]
> *Sent:* Tuesday, August 11, 2015 4:05 PM
> *To:* Mike Jones
> *Cc:* Brian Campbell; oauth
> *Subject:* Re: [OAUTH-WG] proof-of-possession-02 unencrypted oct JWK in
> enc
]
Sent: Tuesday, August 11, 2015 4:05 PM
To: Mike Jones
Cc: Brian Campbell; oauth
Subject: Re: [OAUTH-WG] proof-of-possession-02 unencrypted oct JWK in encrypted
JWT okay?
OK
On Aug 11, 2015, at 12:57 AM, Mike Jones
mailto:michael.jo...@microsoft.com>> wrote:
As discussed in the thread “[OAUTH
Sunday, March 22, 2015 11:41 PM
> To: oauth
> Subject: [OAUTH-WG] proof-of-possession-02 unencrypted oct JWK in encrypted
> JWT okay?
>
> When the JWT is itself encrypted as a JWE, would it not be reasonable to have
> a symmetric key be represented in the cnf claim with the jwk mem
mpbell
> *Sent:* Sunday, March 22, 2015 11:41 PM
> *To:* oauth
> *Subject:* [OAUTH-WG] proof-of-possession-02 unencrypted oct JWK in
> encrypted JWT okay?
>
>
>
> When the JWT is itself encrypted as a JWE, would it not be reasonable to
> have a symmetric key be represented
encrypted. This will
happen in -04.
-- Mike
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Brian Campbell
Sent: Sunday, March 22, 2015 11:41 PM
To: oauth
Subject: [OAUTH-WG] proof-of-possession-02 unencrypted oct JWK in encrypted
When the JWT is itself encrypted as a JWE, would it not be reasonable to
have a symmetric key be represented in the cnf claim with the jwk member as
an unencrypted JSON Web Key?
Is such a possibility left as an exercise to the reader? Or should it be
more explicitly allowed or disallowed?
