Create COSE Token

[jricher]

So far, the messages draft defines the envelope and cryptographic operations but does not define any common application payload. Should we consider a COSE Token equivalent of JWT?

[jimsch]

I believe that this is more appropriate for the OAuth working group.

[selfissued]

No matter what working group the CBOR Token work would land in, it's clear that COSE and that work should closely coordinate. These COSE issues point out that the COSE and CBOR Token work are already highly related, and that COSE needs a CBOR Token companion spec:

Issue #13 Move “creation time” value to the payload
Issue #14 Move “sequence number” value to the payload

I look forward to working group discussions of the topic.

[jimsch]

Work is expected to be done, however it is expected to be done in the OAUTH working group where the document https://tools.ietf.org/id/draft-wahlstroem-oauth-cbor-web-token-00.txt has been submitted for consideration.

[cose-ietf]

This will be ACE now.

Thanks,
Kathleen

Sent from my iPhone

On Nov 22, 2015, at 9:02 PM, Jim Schaad notifications@github.com wrote:

Work is expected to be done, however it is expected to be done in the OAUTH working group where the document https://tools.ietf.org/id/draft-wahlstroem-oauth-cbor-web-token-00.txt has been submitted for consideration.

—
Reply to this email directly or view it on GitHub.

---

COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose