Mike Jones: self-issued

Musings on Digital Identity

Category: JSON

Simple Web Discovery

By

On October 26, 2010

In JSON, Specifications

Having a simple discovery method for services and resources is key to enabling many Internet scenarios that require interactions among parties that do not have pre-established relationships. For instance, if Joe, with e-mail address joe@example.com, wants to share his calendar with Mary, then Mary’s calendar service, in the general case, will need to discover the location of Joe’s calendar service. For example, Mary’s calendar service might discover that Joe’s calendar service is located at http://calendars.proseware.com/calendar/joseph by doing discovery for a service named urn:adatum.com:calendar at example.com for the account joe.

Yaron Goland and I are submitting this Simple Web Discovery (SWD) draft for consideration by the community to address this need. SWD is simple to understand and implement, enables different permissions to be applied to discovery of different services, and is JSON-based. I look forward to discussing this with many of you next week at IIW.

Updated JSON Web Token (JWT) draft based upon convergence proposal

By

On October 25, 2010

In Claims, Cryptography, JSON, Specifications

I’ve produced a new JSON token draft based on a convergence proposal discussed with the authors of the other JSON signing proposals. I borrowed portions of this draft with permission from Dirk Balfanz, John Bradley, John Panzer, and Nat Sakimura, and so listed them as co-authors. (You shouldn’t take their being listed as authors as their blanket endorsement of its content, but I appreciate their willingness to let me build upon their work.)

Hopefully we can develop consensus positions on these and any other issues found during IIW. This doc is intended as a further step in that direction.

A detailed comparison of the precursor documents, which led to the convergence proposal incorporated in this draft, is posted on the OAuth working group list.

JSON Web Token (JWT) Specification Draft

By

On September 30, 2010

In Claims, Cryptography, JSON, Specifications

Recognizing that there is substantial interest in representing sets of claims in JSON tokens, Yaron Goland and I have put together a draft JSON Web Token (JWT) specification for that purpose and published it to the OAuth list, where it is being discussed.

While this was produced independently of Dirk Balfanz’s JSON token proposal, both of us agree that we should come up with a unified spec. Consider this draft an additional point in the possible design space from which to start discussions and drive consensus. (If you read the two proposals, I think you’ll find that there’s already a lot in common, which is great.)

By the way, the draft suggests that the acronym JWT be pronounced like the English word “jot”.

I’d love to hear your feedback.

====

NOTE: This specification version has been superseded by draft-ietf-oauth-json-web-token. Do not use this version other than for historical reference purposes.

Page 14 of 14

Previous

Powered by WordPress & Theme by Anders Norén