IANA JWT WebID Claim? from Kingsley Idehen on 2015-09-10 (public-webid@w3.org from September 2015)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Thu, 10 Sep 2015 09:49:31 -0400
To: public-webid@w3.org
Message-ID: <55F18A6B.4060109@openlinksw.com>

All,

See: http://www.iana.org/assignments/jwt/jwt.xhtml

Shouldn't we register a "webid" claim ?

"jti" [1] doesn't cut it due to:

"jti" (JWT ID) Claim

   The "jti" (JWT ID) claim provides a unique identifier for the JWT.
   The identifier value MUST be assigned in a manner that ensures that
   there is a negligible probability that the same value will be
   accidentally assigned to a different data object; if the application
   uses multiple issuers, collisions MUST be prevented among values
   produced by different issuers as well.  The "jti" claim can be used
   to prevent the JWT from being replayed.  The "jti" value is a *case-
   sensitive string*.  Use of this claim is OPTIONAL.


[1] http://tools.ietf.org/html/rfc7519 .

-- 
Regards,

Kingsley Idehen       
Founder & CEO 
OpenLink Software     
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Thursday, 10 September 2015 13:49:56 UTC