I support adoption. We have implementations of a similar spec and we don't think it would be good for vendors to have to support both, but that's not under control of OAuth... we hope there will be significant improvements made, after adoption to justify a separate spec, aside from CWT being generally better than JWT.
Many of these improvements have already been discussed on the other spec, and with the authors. It's unfortunate that the spec does not cite previous work, which the authors and undoubtedly aware of, the same comment was made at the microphone at the last IETF. We look forward to reviewing drafts and implementing the spec to compare it's performance vs the existing W3C work item, which I mentioned on a previous thread. If the performance is not substantially better I don't think the draft should become an RFC, but I'm happy to help make it better if that's possible... and this working group has the expertise to improve this work, so I think transferring control to the working group makes sense. OS On Sat, Sep 30, 2023, 7:53 AM Rifaat Shekh-Yusef <rifaat.s.i...@gmail.com> wrote: > All, > > This is an official call for adoption for the *JWT and CWT Status List* > draft: > https://datatracker.ietf.org/doc/draft-looker-oauth-jwt-cwt-status-list/ > > Please, reply *on the mailing list *and let us know if you are in *favor * > or* against *adopting this draft as WG document, by *Oct 13th*. > > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
