This is the approach supported by the current draft. Thanks again for your
review comments.
-- Mike
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Nat Sakimura
Sent: Monday, March 23, 2015 12:11 AM
To: Brian Campbell
Cc: oauth
Subject: Re: [OAUTH-WG] proof-of-possession-02 cnf via key thumbprint?
Would not kid do?
Right, thumbprint has more semantics and has nice properties, but having too
many ways is not good for interop.
Nat
2015-03-23 15:40 GMT+09:00 Brian Campbell
<bcampb...@pingidentity.com<mailto:bcampb...@pingidentity.com>>:
Do folks in the WG think there'd be utility in having a way to identity the
finger/thumbprint of a key in the cnf claim. A presenter might, for example,
present the JWT along with a public JWK and some proof-of-possession of that
JWK. And the JWK would be bound to the JWT via the thumbprint, which is more
space efficient (with respect to the JWT anyway) than the full JWK.
_______________________________________________
OAuth mailing list
OAuth@ietf.org<mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth
--
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
