[Openid-specs-ab] Session Management Sha256

Nat Sakimura sakimura at gmail.com
Fri Jul 27 17:52:20 UTC 2012

In the last WG call, we decided to use base64url encoding rather than
the default hex.
The reason was for

1. Other places are using base64url encoding.
2. It is going to be shorter
3. For comparison, we do not need to do to_lower etc.

If you are using CryptoJS liberay, it has no basse64url encoder
available so you have to do it yourself.

If you think this is a bad idea, please do speak up.

Nat Sakimura (=nat)
Chairman, OpenID Foundation

More information about the Openid-specs-ab mailing list