[Openid-specs-ab] JWT: Segment Order
hdknr at ic-tact.co.jp
Tue Dec 21 23:02:53 UTC 2010
Thank you very much, Mike.
I'll check it.
2010/12/22 Mike Jones <Michael.Jones at microsoft.com>:
> Hi Hideki,
> This was discussed at IIW, with notes being posted at http://self-issued.info/?p=361. In particular, the field ordering conclusions were recorded as follows:
> Ordering of the fields
> By a vote of 8 to 1, people preferred the ordering envelope.payload.signature over the ordering signature.envelope.payload. Two reasons were cited: First, this allows for stream-mode operations, where consumers can begin operations based upon the contents of the envelope before the signature has arrived without having to buffer the signature, and where producers can compute the signature in parallel with the transmission of the envelope and payload. The counter-argument advanced by Paul Tarjan of Facebook (in abstentia) is that all languages have a string operation to split a string on the first occurrence of a character.
> Best wishes,
> -- Mike
> -----Original Message-----
> From: openid-specs-ab-bounces at lists.openid.net [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of hideki nara
> Sent: Tuesday, December 21, 2010 1:15 PM
> To: openid-specs-ab at lists.openid.net
> Subject: [Openid-specs-ab] JWT: Segment Order
> I'm afraid that I may miss the previous discussion.
> Current draft defines the segment sequence of Header,Payload and Crypto in order.
> I think that the order of Payload,Header and Crypto could be better when we think of multiple signature because easy to add extra signature set to the end.
> I mean a token with three signature look like this:
> Otherwise with keeping the order in current draft:
> Clarification would be a good X'mas present from you to me.
> Best regards!
> hideki nara
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
More information about the Openid-specs-ab