[{"author": "Daniel Fett", "text": "<p>I'm not sure if the queue microphone is on. I can hear Roman, but it sounds like from a different mic.</p>", "time": "2023-07-25T16:32:50Z"}, {"author": "Atul Tulshibagwale", "text": "<p>Really pretty pic</p>", "time": "2023-07-25T16:40:41Z"}, {"author": "Darrel Miller", "text": "<p>Base64 encoded JSON values inside JSON strings? I'm feeling a little queasy.</p>", "time": "2023-07-25T16:46:47Z"}, {"author": "Hannes Tschofenig", "text": "<p>Do you want to ask this question, Darrel?</p>", "time": "2023-07-25T16:51:53Z"}, {"author": "Darrel Miller", "text": "<p>@hannes Sorry, I had to leave for a meeting.  I understand the constraints of packaging complex information inside a JWT.  I just wish there was another way.</p>", "time": "2023-07-25T17:03:16Z"}, {"author": "Roman Danyliw", "text": "<p>Sorry ... I didn't go to the mic ... I said \"we can request an early IANA review\"</p>", "time": "2023-07-25T17:17:42Z"}, {"author": "George Fletcher", "text": "<p>We could return two Uris in the WWW-Authenticate one for resource metadata and one for the associated AS. Though there some cases where the AS may change based on the requester.</p>", "time": "2023-07-25T17:43:20Z"}, {"author": "Kristina Yasuda", "text": "<p><span class=\"user-mention\" data-user-id=\"2475\">@Darrel Miller</span> hashed b64url encoded values inside a JWT</p>", "time": "2023-07-25T17:58:26Z"}, {"author": "Kristina Yasuda", "text": "<p>I am not entirely comfortable with WGLC of the cross-device security BCP. Depends on the security analysis too</p>", "time": "2023-07-25T18:02:17Z"}, {"author": "George Fletcher", "text": "<p>+1 for tackling client assertions separate from how it can be used</p>", "time": "2023-07-25T18:16:34Z"}]