[Openid-specs-ab] JWT: data content type of payload
John Bradley
ve7jtb at ve7jtb.com
Fri Dec 17 14:46:45 UTC 2010
In the latest proposal we are working on, the "typ" element of the Envelope/Header allows you to specify a encoded as something other than Json Web Token.
Unless the typ is something other than JWT then the encoded object must be a JWT.
You could specify {"typ":"image/png","alg":"HS256"} for the header if you wanted.
There is no guarantee that an arbitrary implementation will deal with it.
We mostly want to support other JSON objects that don't conform to JWT.
John B.
On 2010-12-17, at 4:44 AM, hideki nara wrote:
> Hi,
>
> A Payload Segment may be produced by base64url encoding against
> "arbitrary content" from "draft-jones-json-web-token-01".
> I'm not sure how a verifier know the type of the original content
> after base64url decoding.
> "Arbitrary" may mean that PNG bit string of my profile picture can be
> tokenized into a JWT.
> Can I specify "image/png" to any parameter name in Header Segment JSON?
>
> Best regards
> -----
> hideki nara
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4767 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20101217/dc7901ae/attachment.p7s>
More information about the Openid-specs-ab
mailing list