In context of <draft-ietf-oauth-pop-key-distribution-01> we then need to differentiate the case where the client wants to have the server attach the already stored key vs. the case where the client wants to create a new key regardless whether there is one stored or not.
Does that make sense? On 03/05/2015 01:58 PM, John Bradley wrote: > I am ok with saying that the JWK must have keyed if there is more than one > key and it SHOULD if there is only one.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
