Doing my shepherd write-up I had a few minor questions: * Could you move the RFC 6755 reference to the normative reference section? Reason: the IANA consideration section depends on the existence of the urn:ietf:params:oauth registry.
* Could you move the JWK reference to the informative reference section? Reason: The JWK is only used in an example and not essential to the implementation or understanding of the specification. * Would it be sufficient to reference RFC 7159 instead of the [ECMAScript] reference? * The document registers 'urn:ietf:params:oauth:token-type' and it is used in the "type" header parameter. The text, however, states that the value can also be set to jwt. Why would someone prefer to use urn:ietf:params:oauth:token-type instead of the much shorter jwt value? Ciao Hannes
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
