Open jjensenral opened 3 months ago
(Regarding the assertion of group information, see also #10 and #25) Following G002 (G069), a user who has multiple groups from the same attribute authority is likely to end up with
urn:example:foo:group:a urn:example:foo:group:b urn:example:foo:group:c urn:example:foo:group:c:c1 urn:example:foo:group:c:c2
which, if/when all are asserted, is considered verbose (which may not matter when userinfo is used). Where today it could look like
userinfo
{ "groups": ["urn:example:foo:group:a","urn:example:foo:group:b","urn:example:foo:group:c","urn:example:foo:group:c:c1","urn:example:foo:group:c:c2"] }
it could change to, say,
{ "groups": {"urn:example:foo:group": ["a","b","c","c1","c2"]} }
(Regarding the assertion of group information, see also #10 and #25) Following G002 (G069), a user who has multiple groups from the same attribute authority is likely to end up with
which, if/when all are asserted, is considered verbose (which may not matter when
userinfo
is used). Where today it could look likeit could change to, say,