Re: [OAUTH-WG] JWT spec
Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 09 May 2013 11:22 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1B2621F8E59 for <oauth@ietfa.amsl.com>; Thu, 9 May 2013 04:22:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rmovjg5DP-cr for <oauth@ietfa.amsl.com>; Thu, 9 May 2013 04:21:58 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) by ietfa.amsl.com (Postfix) with ESMTP id 396C121F8E56 for <oauth@ietf.org>; Thu, 9 May 2013 04:21:57 -0700 (PDT)
Received: from mailout-de.gmx.net ([10.1.76.35]) by mrigmx.server.lan (mrigmx001) with ESMTP (Nemesis) id 0Lsdt9-1UP6LM06S9-012KUU for <oauth@ietf.org>; Thu, 09 May 2013 13:21:57 +0200
Received: (qmail invoked by alias); 09 May 2013 11:21:56 -0000
Received: from unknown (EHLO [10.72.209.52]) [193.1.64.8] by mail.gmx.net (mp035) with SMTP; 09 May 2013 13:21:56 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX18yZ113wysym9tEB1xrICqGRKmAv3ggM3m/eDzGVj cVdrlRu5HSGj2g
Message-ID: <518B86D3.4010701@gmx.net>
Date: Thu, 09 May 2013 14:21:55 +0300
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130329 Thunderbird/17.0.5
MIME-Version: 1.0
To: Antonio Sanso <asanso@adobe.com>
References: <A34392DA-003F-4B19-A807-B3EBD516BA68@adobe.com>
In-Reply-To: <A34392DA-003F-4B19-A807-B3EBD516BA68@adobe.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
Cc: "oauth@ietf.org WG" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] JWT spec
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 May 2013 11:22:10 -0000
Hi Antonio,
this parameter is supposed to show how the extension points works.
Here is the text from the draft about how these extensions are supposed
to work:
Collision Resistant Namespace A namespace that allows names to be
allocated in a manner such that they are highly unlikely to
collide with other names. For instance, collision resistance can
be achieved through administrative delegation of portions of the
namespace or through use of collision-resistant name allocation
functions. Examples of Collision Resistant Namespaces include:
Domain Names, Object Identifiers (OIDs) as defined in the ITU-T
X.660 and X.670 Recommendation series, and Universally Unique
IDentifiers (UUIDs) [RFC4122]. When using an administratively
delegated namespace, the definer of a name needs to take
reasonable precautions to ensure they are in control of the
portion of the namespace they use to define the name.
This text is a bit fuzzy.
Ciao
Hannes
On 05/09/2013 12:53 PM, Antonio Sanso wrote:
> Hi *,
>
> the example plaintext in the JWT specification [0] has a "weird" JWT
> claims Set:
>
> {"iss":"joe",
> "exp":1300819380,
> "http://example.com/is_root":true}
>
> The "http://example.com/is_root":true part looks a bit odd to me. Is it
> a typo?
>
> Regards
>
> Antonio
>
> [0]
> http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-07#section-4.1
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>
- [OAUTH-WG] JWT spec Antonio Sanso
- Re: [OAUTH-WG] JWT spec Hannes Tschofenig