At the time of writing (September 2013), the JWT spec would have been only on it's 12th draft--it's had 19 follow-up drafts since then. It's possible that the author didn't know about them at all.
(Assuming you're the author -- who knows though.) Now that the JWT spec is mature and there are some nice implementations of it, do you think it's a good option for token-based authentication?