We added on in openID Connect. acr : Though that is intended as a class reference for things like FICAM LoA 2 etc. You could make class references that only defined the primary authenticator.
The question is if there is enough consensus to put it in the JWT spec rather than in things profiling JWT. I am OK with putting it in JWT if there is a demand. John B. On 2012-05-15, at 10:54 AM, Lewis Adam-CAL022 wrote: > Hi, > > Apologies if the OAuth list is not the right place to ask this question, but > I’m trying to understand why JWT doesn’t have an “Authentication Context” > like reserved claim name (such as present in SAML). Knowing the primary > authentication method used to obtain the JWT seems just as fundamental as > knowing the issuer, principal, etc. > > I realize it’s easy enough to add your own, but from an inter-op perspective, > it just seems really valuable to be able to assert the primary authentication > method. > > Tx! > adam > > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of > Mike Jones > Sent: Saturday, May 12, 2012 7:19 PM > To: oauth@ietf.org > Subject: [OAUTH-WG] JSON Web Token (JWT) Specification Draft -10 > > Draft -10 of the JSON Web Token (JWT) specification has been published. It > uses the -02 versions of the JOSE specifications and contains parallel > editorial changes to those applied to the JOSE specs. Changes were: > Clarified the relationship between typ header parameter values, typ claim > values, and MIME types. > Clarified that JWTs with duplicate Header Parameter Names or Duplicate Claim > names MUST be rejected. > Required implementation of AES-128-KW and AES-256-KW when the implementation > provides encryption capabilities. > Registered "JWT" typ header parameter value. > Generalized language to refer to Message Authentication Codes (MACs) rather > than Hash-based Message Authentication Codes (HMACs) unless in a context > specific to HMAC algorithms. > Reformatted to give each claim definition and header parameter its own > section heading. > > The specification is available at: > · http://tools.ietf.org/html/draft-jones-json-web-token-10 > > An HTML formatted version is available at: > · http://self-issued.info/docs/draft-jones-json-web-token-10.html > > -- Mike > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
