, 2012 5:51 PM
To: 'prateek mishra'; oauth@ietf.org<mailto:oauth@ietf.org>
Subject: RE: [OAUTH-WG] Please review draft-ietf-oauth-json-web-token
Thanks for the comments, Prateek. Replies inline in green...
-- Mike
: Re: [OAUTH-WG] Please review draft-ietf-oauth-json-web-token
Hannes - here a couple of comments on the 05 draft -
(i) Section 4 -
[quote]
Note however, that the set of claims that a JWT must contain to be
considered valid is context-dependent and is outside the scope of this
specification. When
Hannes - here a couple of comments on the 05 draft -
(i) Section 4 -
[quote]
Note however, that the set of claims that a JWT must contain to be
considered valid is context-dependent and is outside the scope of this
specification. When
used in a security-related context, implementations MUST und
