I personally don’t agree with this errata. Token Revocation was never meant to
act as a protected resource, but rather as a function of the AS. The client is
known to the AS and so authentication is expected here.
— Justin
> On Aug 22, 2021, at 5:14 AM, RFC Errata System
> wrote:
>
> The fo
Hi all,
I would like to invite you to the OAuth Security Workshop 2021, a
fully-virtual, two-day event on
*November 30 and December 1, 2021 (UTC).*
The OAuth Security Workshop (OSW) aims to improve the security of OAuth,
OpenID Connect, GNAP and related Internet protocols by facilitating
direct
