Hi Mike, Thanks for doing this review; just to confirm one point...
On Tue, Mar 26, 2019 at 02:35:47PM +0000, Mike Jones wrote: > > 3. "Note to WG" - I suspect that this wouldn't get past the IESG without > crypto agility. A parameter probably needs to be introduced to specify the > hash algorithm used - with the default being SHA-256 if omitted. I don't have to suspect this; I am confident that it would not. See also BCP 201. -Ben _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
