Hi,
A new version has been submitted. It would awesome if we could get some
comments on the draft and thoughts about a potential future adoption.
https://tools.ietf.org/html/draft-erdtman-jose-cleartext-jws-01
Changes includes the change of canonicalization method and some minor
clarifications.
Hi Dries,
Good question. The intent of the expired_token error message is to
communicate to the device client that it should stop polling as the session
has expired. The reason we defined the separate error message for just this
case was so that clients could present an accurate message (i.e. that
