Re: [OAUTH-WG] Updated Charter to the IESG (this weekend)

Hi Justin,

I refered to the data format used at the AS-PR interface. According to 
your description, you use JSON objects there. What data does such an 
object contain? Is this any different from a JSON Web Token (leaving 
aside digital signatures and encryption)?

regards,
Torsten.

Am 18.04.2012 22:01, schrieb Justin Richer:
> Not all implementations in the field that do this are using JWTs as 
> the tokens. Ours in particular used a random blob with no structured 
> information in it. The endpoint returned a JSON object.
>
>  -- Justin
>
> On 04/18/2012 03:53 PM, Torsten Lodderstedt wrote:
>> Hi all,
>>
>> is there enough experience in the field with such an interface to 
>> standardize it?
>>
>> I would expect such an endpoint to return the same payload, which is 
>> carried in a JSON Web Token. So once we designed the JSON Web Tokens 
>> content, designing the AS-PR interface could be the next logical step 
>> (after the next re-charting).
>>
>> regards,
>> Torsten.
>>
>> Am 16.04.2012 21:04, schrieb Justin Richer:
>>>
>>>>> OK, but with SWD and discovery off the table, can this now be
>>>>> considered to be within that manageable number instead?
>>>> We wanted to keep the # of WG items to approximately 5.  Once we 
>>>> finish
>>>> some of these items and get them off our plate we could roll new items
>>>> onto the plate, theoretically.
>>>>
>>>
>>> That's definitely true going forward, but what I was saying is that 
>>> the number of items under consideration is now down to 4, with SWD 
>>> moving to the Apps group. I was proposing that the whole 
>>> introspection endpoint and general AS-PR connection could be this 
>>> group's fifth starting document.
>>>
>>>  -- Justin
>>> _______________________________________________
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth
>