looks good to me!
On Sun, Jul 14, 2013 at 7:56 PM, Mike Jones wrote:
> The following text is included about the potential privacy issue in JWT
> draft -10: “It is the responsibility of the application to ensure that
> only claims that are safe to be transmitted in an unencrypted manner are
> r
The following text is included about the potential privacy issue in JWT draft
-10: "It is the responsibility of the application to ensure that only claims
that are safe to be transmitted in an unencrypted manner are replicated as
Header Parameter values in the JWT."
JWT draft -10 allows Claims to be replicated as Header Parameters in encrypted
JWTs as needed by applications that require an unencrypted representation of
specific Claims. This draft is available at
http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-10, with an HTML
formatted version
