[Openid-specs-ab] Remaining Issues

Nat Sakimura sakimura at gmail.com
Tue Oct 12 14:40:15 UTC 2010


For you convenience, I have created a version of JSS that is suggested by
Hideki.

Original version: http://jsonenc.info/jss/1.0/
New version: http://jsonenc.info/jss/1.0/json-simple-sign-1_0a.html

Which do yo prefer?

=nat

On Tue, Oct 12, 2010 at 6:27 PM, Nat Sakimura <sakimura at gmail.com> wrote:
> So far, the feedbacks that I got are:
>
> For the main spec:
>
> * Make 8.3 and 8.4 optional so that there could be two leg style request
>  -> I am not sure if this should be in AB as there is no "artifact"
> involved then.
>     Perhaps it is better to save it for Connect or CX?
>
> * _url and _uri are mixed. Understand that the authors made careful
>  selection of the terms, but it may be too much. Better standardize on _uri
>  -> OK to standardize on _uri ?
>
> For the signature spec (JSS):
>
> * Try to Unify with JWT for the Web Token serialization and signature:
> -> As I understand, the main deltas are:
>   * Whether to use short names as in JWT or long name as in Facebook.
>   * Whether to have sig_params so that it can support multiple
> signers and keys.
>   * Whether to have "payload" or just inserting signature parameters
> to the original JSON Object.
>
> For JSON serialization of JSS:
>
> * Whether to use "dictionary" as in the current proposal or "array"
> which simplifies bunch of things.
>
> For JWT serialization:
>
> * Whether to allow multiple signatures by sig1.sig2.sig3. ... . payload style.
>
> Please indicate your preferences.
>
> --
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> http://twitter.com/_nat_en
>



-- 
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en


More information about the Openid-specs-ab mailing list