[Openid-specs-ab] SWD and JWT drafts refreshed

Mike Jones Michael.Jones at microsoft.com
Mon Jul 11 07:30:04 UTC 2011


I just posted Simple Web Discovery (SWD) draft -01 because -00 was about to expire.  No normative changes were made.

I also just posted JSON Web Token (JWT) draft -05, with the only change being to define an optional "nbf" (not before) claim that is distinct from the "iat" (issued at) claim.  (This more closely parallels the capabilities of SAML tokens, where there are NotBefore, NotAfter, and IssueInstant values.)  "nbf" and "exp" should be used for bounding the token validity period, whereas "iat" should be used to determine token age.

See http://self-issued.info/docs/draft-jones-simple-web-discovery.html and http://self-issued.info/docs/draft-jones-json-web-token.html (or the IETF spec repositories) for the new drafts.

                                                            -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110711/45acfdbe/attachment.html>


More information about the Openid-specs-ab mailing list