> On Aug 5, 2024, at 1:52 PM, Pieter Kasselman
> <pieter.kasselman=40microsoft....@dmarc.ietf.org> wrote:
>
> I tried to keep the changes to additional text that would scope the
> processing rules more precisely for the JWT/JWS/JWE cases (point 7 in the
> processing steps references JWS and JWE separately, so thought I would
> propose text that does something similar to that). The idea of additional
> text is that a reader who is familiar may find it easier to process the delta.
>
> However, if we want to change the text, I like your second option:
>
> "Verify the resulting JOSE Header according to RFC7515 or RFC7516."
>
> I don’t think we should delete the bullet completely.
>
> Cheers
>
> Pieter
I prefer this over the current text, which might be incorrectly construed to
provide counter guidance to the “crit” protected header parameter.
-DW
_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-le...@ietf.org
