Outlines the format of the tokens and how they are verified. Outlines how clients should respond to bearer token authorization challenges. Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)