You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: draft-ietf-oauth-status-list.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -204,7 +204,7 @@ The following content applies to the JWT Claims Set:
204
204
* `sub`: REQUIRED. The `sub` (subject) claim MUST specify a unique string identifier for the Status List Token. The value MUST be equal to that of the `uri` claim contained in the `status_list` claim of the Referenced Token.
205
205
* `iat`: REQUIRED. The `iat` (issued at) claim MUST specify the time at which the Status List Token was issued.
206
206
* `exp`: OPTIONAL. The `exp` (expiration time) claim, if present, MUST specify the time at which the Status List Token is considered expired by its issuer.
207
-
* `ttl`: OPTIONAL. The `ttl` (time to live) claim, if present, MUST specify the maximum amount of time, in seconds, that the Status List Token may be cached by a consumer before a fresh copy is retrieved. The value of the claim MUST be a positive number.
207
+
* `ttl`: OPTIONAL. The `ttl` (time to live) claim, if present, MUST specify the maximum amount of time, in seconds, that the Status List Token may be cached by a consumer before a fresh copy is retrieved. The value of the claim MUST be a positive number.
208
208
* `status_list`: REQUIRED. The `status_list` (status list) claim MUST specify the Status List conforming to the rules outlined in [](#status-list-json).
209
209
210
210
The following additional rules apply:
@@ -385,8 +385,8 @@ TODO elaborate on risks of incorrect parsing/decoding leading to erroneous statu
385
385
## Cached and Stale status lists
386
386
387
387
When consumers or verifiers of the Status List fetch the data, they need to be aware of its up-to-date status. The 'ttl' (time-to-live) claim
388
-
in the Status List Token provides one mechanism for setting a maximum cache time for the fetched data. This property permits distribution of
389
-
a status list to a CDN or other distribution mechanism while giving guidance to consumers of the status list on how often they need to fetch
388
+
in the Status List Token provides one mechanism for setting a maximum cache time for the fetched data. This property permits distribution of
389
+
a status list to a CDN or other distribution mechanism while giving guidance to consumers of the status list on how often they need to fetch
390
390
a fresh copy of the status list even if that status list is not expired.
391
391
392
392
## Authorized access to the Status List {#security-authorization}
0 commit comments