[OAUTH-WG] AD Review of draft-ietf-oauth-jwt-bcp

Rich version of this review at: https://mozphab-ietf.devsvcdev.mozaws.net/D4649 COMMENTS S 1.2. > 1.2. Conventions used in this document > > The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", > "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and >

Re: [OAUTH-WG] Last Call: (OAuth 2.0 Token Exchange) to Proposed Standard

Hi all (and Brian :-)), Whilst implementing the client side of OAuth 2.0 Token Exchange into an Apache module I ran into some questions wrt. authentication to the token exchange endpoint as specified in section 2.1: https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-14#section-2.1 1. the