> Am 10.01.2020 um 16:53 schrieb John Bradley <ve7...@ve7jtb.com>: > > I think Torsten is speculating that is not a feature people use.
I’m still trying to understand the use case for merging signed and unsigned parameters. Nat once explained a use case, where a client uses parameters signed by a 3rd party (some „certification authority“) in combination with transaction-specific parameters. Is this being done in the wild? PS: PAR would work with both modes. _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
