Hi I am wondering if the following terminology is more appropriate for the DPoP draft (https://tools.ietf.org/html/draft-fett-oauth-dpop-04): - Since a DPoP proof is a JWT encoded in a JWS may be it is better to say "DPoP proof payload" instead of "DPoP proof body" (end of page 4). - For the same reason use "JOSE header" instead of "JSON header" (beginning of page 5) - Moreover, here and there it is stated "the header of the JWT". AFAIU JWTs do not have headers themselves but the header is part of the JWS/JWE structure in which the JWT is encoded. So may be it is more appropriate to say "the JOSE header" instead of "the header of the JWT".
Best, Nikos -- Nikos Fotiou - http://pages.cs.aueb.gr/~fotiou Researcher - Mobile Multimedia Laboratory Athens University of Economics and Business https://mm.aueb.gr
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
