A New Internet-Draft is available from the on-line Internet-Drafts
directories. This Internet-Draft is a work item of the Web Authorization
Protocol (OAUTH) WG of the IETF.
Title : OAuth 2.0 for Browser-Based Apps
Authors : Aaron Parecki
David Waite
Section 7 of the DPoP specification [1] says that a "DPoP proof MUST
include the ath claim with a valid hash of the associated access token".
One reason for that requirement is given in the second paragraph of that
section:
> Binding the token value to the proof in this way prevents a proof to be
Dear Dick and Kristina,
Indeed there has been an interim meeting to discuss the PR related to the
last issue raised during IETF116. The change had been previously advertised
by Justin on the mailing list for open review, as always. The discussion
during the interim went through the diff and no out
