gffletch
commented
4 months ago Email sent to the list... I'm not sure it makes sense to define this in the transaction token spec
Open tulshi opened 4 months ago
gffletch
commented
4 months ago Email sent to the list... I'm not sure it makes sense to define this in the transaction token spec
jricher
commented
4 months ago RFC9396 already defines "authorization_details" for use at the top level of a JWT.
gffletch
commented
2 months ago @jricher are you suggesting that we call out that if you want to put a RAR object inside the tctx that you add the authorization_details claim at the top level of the tctx? I wouldn't want the authorization_details claim at the top-level of the TraT.
The following was suggested by Justin at the IETF 120 session on TraTs: Paraphrasing: Justin suggested a way to include a RAR object itself.