Hi all, I published the first version of the DPoP draft at https://tools.ietf.org/html/draft-fett-oauth-dpop-00
Abstract This document defines a sender-constraint mechanism for OAuth 2.0 access tokens and refresh tokens utilizing an application-level proof-of-possession mechanism based on public/private key pairs. Thanks for the feedback I received so far from John, Mike, Torsten, and others during today's session or before! If you find any errors I would welcome if you open an issue in the GitHub repository at https://github.com/webhamster/draft-dpop - Daniel
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
