This spec was something we agreed upon as a team during the Queens
release. This commit reproposes it for Stein.
Major differences between this specification the original proposal
from Queens include:
- the algorithm targeted for the implementation
- the library being used to sign and validate JWTs
- the payload data and claim information
- asymmetric key rotation details
bp json-web-tokens
Change-Id: I598faca40a6d81dd58155165d4a323fb437f7a6c