More on data formats
lukeh at padl.com
Mon Nov 25 18:47:58 PST 2013
On 26 Nov 2013, at 1:17 pm, Chris Karlof <ckarlof at mozilla.com> wrote:
> Regarding how we represent the email/uid in the sub, since JWT allows StringOrURI in the sub, we discussed using URIs to make the implied semantics more explicit. For example, for FxA certificates, the sub could be "urn:uuid:<FxA uid>", and for Persona certificates the sub could be "mailto:<user's email address>".
Because Persona doesn't actually require the subject to be a reachable e-mail address, I'd suggest acct: instead (see draft-ietf-appsawg-acct-uri-01) for the latter.
More information about the Dev-fxacct