CIBA: rt_hash

Issue #111 resolved

Takahiko Kawasaki created an issue 2018-11-07

In the page 21 of the 6th draft (draft-mobile-client-initiated-backchannel-authentication-06), urn:openid:params:jwt:claim:rt_hash is defined. If possible, giving a shorter name, rt_hash, would be better, considering similarity to at_hash (OIDC Core), c_hash (OIDC Core) and s_hash (FAPI Part 2).

Comments (8)

Axel Nennker
I agree. Let's make it rt_hash
- 2018-11-07T07:42:44+00:00
Brian Campbell
please see Issue ~~#93~~
- 2018-11-07T08:54:32+00:00
Brian Campbell
- assigned issue to
  
  Brian Campbell
- 2018-11-13T15:36:49+00:00
Axel Nennker
The IANA expert mentioned in ~~#93~~ is usually right, although in the past we most of the time moved from long strings to just something short. Ages ago we had schema.org url for attribute names, today we have just e.g. 'email'.

Maybe ask the expert again whether rt_hash needs IANA blessings.

Shorter is better.
- 2018-11-13T16:33:56+00:00
Brian Campbell
In the spirit of full disclosure, I am one of the 'designated experts' for the JWT claims registry and ~~#93~~ was written with that perspective.
- 2018-11-13T19:16:32+00:00
Brian Campbell
During the Nov 13 MODRNA WG call there was general consensus to keep the public claim names. But to also add a bit of explanatory text, maybe in the IANA section.
- 2018-11-13T23:28:05+00:00
Brian Campbell
pull request ~~#50~~ adds a JWT claims subsection to the IANA considerations explaining why no claims registration is requested and why collision resistant public names were used for the refresh token hash and auth_req_id
- 2018-11-16T19:46:45+00:00
Dave Tonge
- changed status to resolved
Pull request merged
- 2018-11-20T12:58:57+00:00
Log in to comment

Assignee: Brian Campbell

Type: proposal

Priority: major

Status: resolved

Component: CIBA

Milestone: CIBA Implementer's Draft

Votes: 0

Watchers: 0