Is There a Change in Token Revocation?

The issues of token revocation versus length of token lifetime, how revocation might be understood are unchanged. Many people in fact use introspection that I was talking about before as a mechanism to also check revocation because when you have a Jot token, a JWT, it's all self-contained so there's nothing indicating no way to know that it has been revoked without doing some other sort of something else. It's a whole topic with trade-offs on its own but the pop tokens don't change the equation in any way. They're typically not long lived.