[Openid-specs-heart] Issue #3: "sub" in JWT (openid/heart)

Justin Richer issues-reply at bitbucket.org
Fri Mar 11 22:08:56 UTC 2016

Previous message: [Openid-specs-heart] Issue #2: 'kid' field in JWTs (openid/heart)
Next message: [Openid-specs-heart] Issue #4: Introspection example is out of sync (openid/heart)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

New issue 3: "sub" in JWT
https://bitbucket.org/openid/heart/issues/3/sub-in-jwt

Justin Richer:

Do we want to require sub in all JWTs? This could be privacy-leaking since it references a person not a software component.

Either make it optional or remove reference entirely.

Either way, the example doesn't include it.

Previous message: [Openid-specs-heart] Issue #2: 'kid' field in JWTs (openid/heart)
Next message: [Openid-specs-heart] Issue #4: Introspection example is out of sync (openid/heart)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Openid-specs-heart mailing list