Hi Jared,
On Thu, Apr 23, 2020 at 09:55:21PM -0500, Jared Jennings wrote:
> Hi all,
>
> I know I am super new to the list, so bare with me with my
> observations that I would like share with the group. Probably no one in the
> list knows me, but I am used to online forms, mailing lists and I been
The following link has the meeting material for the April 27th interim
meeting:
https://datatracker.ietf.org/meeting/interim-2020-oauth-06/session/oauth
Will upload the OAuth 2.1 slides when I get them.
Regards,
Rifaat
___
OAuth mailing list
OAuth@ietf
The next errata version of OpenID Connect Discovery will register the parameter
request_object_signing_alg_values_supported and other parameters not previously
registered. See https://openid.net/specs/openid-connect-discovery-1_0-29.html
for the latest published errata draft.
I can make a requ
Hi all,
another topic from last week’s virtual meeting.
Shall there be guidance on the request URI structure?
Please state your opinion.
thanks in advance,
Torsten.
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oaut
Hi Nat & John,
I tried to find out how signing & encryption algorithms are determined in the
JAR context.
I just found this note in the history for -07: "Stopped talking about
request_object_signing_alg”
I assume you assume this is done via client registration parameters registered
in
https
Hi all,
this is one of the topics we quickly flipped through in the virtual meeting
last week.
I see the following open questions:
- Can the client require its instances to use request objects only.
- Are there further requirements on the properties of these objects? Signed
only, Signed and e
Hi all,
I think this topic has several aspects:
- Is the client required to use PAR only? Doesn’t this also mean it is required
to use request_uri only?
- Is there a need to separate those to questions or shall we treat this as the
same?
- Who decides whether PAR and request_uri are required?
