JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
RFC 7523

Note: This ballot was opened for revision 10 and is now closed.

(Kathleen Moriarty) Yes

(Jari Arkko) No Objection

(Alia Atlas) No Objection

(Richard Barnes) (was Discuss) No Objection

Comment (2014-10-15 for -11)
"keyed message digest" -> "MAC"

Both this and the SAML document could save a lot of bits by just being subsections of the -assertions document.

(Benoit Claise) No Objection

(Adrian Farrel) No Objection

(Stephen Farrell) No Objection

Comment (2014-10-16 for -10)
- 2.1, assertion parameter: How come this one does not talk
about base64url whereas the saml one does?

(Brian Haberman) No Objection

(Joel Jaeggli) No Objection

(Barry Leiba) No Objection

(Ted Lemon) No Objection

(Pete Resnick) No Objection

Comment (2014-10-14 for -10)
I'm not going to repeat stuff that is identical to draft-ietf-oauth-saml2-bearer (and I did find that using <https://www.ietf.org/rfcdiff?url1=draft-ietf-oauth-saml2-bearer-21&difftype=--html&submit=Go%21&url2=draft-ietf-oauth-jwt-bearer-10> was very helpful). Please refer to my comments on that document.

(Martin Stiemerling) No Objection