FYI. An extremely simplistic approach to provide somewhat better protection than Bearer. I came up with the draft during IETF 88 at the Starback in the lobby with Tony. As such, it actually predates http://tools.ietf.org/html/draft-jones-oauth-proof-of-possession-00. Since I would like to discuss if all the functional requirements in this draft has been incorporated into http://tools.ietf.org/html/draft-jones-oauth-proof-of-possession-01, I have refreshed the draft.
Best, Nat ---------- Forwarded message ---------- From: <internet-dra...@ietf.org> Date: 2014-07-05 1:02 GMT+09:00 Subject: New Version Notification for draft-sakimura-oauth-rjwtprof-02.txt To: Nat Sakimura <sakim...@gmail.com> A new version of I-D, draft-sakimura-oauth-rjwtprof-02.txt has been successfully submitted by Nat Sakimura and posted to the IETF repository. Name: draft-sakimura-oauth-rjwtprof Revision: 02 Title: OAuth 2.0 Registered JWT Profile 1.0 Document date: 2014-07-04 Group: Individual Submission Pages: 8 URL: http://www.ietf.org/internet-drafts/draft-sakimura-oauth-rjwtprof-02.txt Status: https://datatracker.ietf.org/doc/draft-sakimura-oauth-rjwtprof/ Htmlized: http://tools.ietf.org/html/draft-sakimura-oauth-rjwtprof-02 Diff: http://www.ietf.org/rfcdiff?url2=draft-sakimura-oauth-rjwtprof-02 Abstract: This specification defines a profile of OAuth 2.0 framework that provides the holder of key facility for the compliant client. It achieves this without channel binding but solely based on the application protocol to make it easy for the client developers to develop such client. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
