Events without label "editorial"
Issues
--
* oauth-wg/oauth-transaction-tokens (+0/-1/💬0)
1 issues closed:
- Trust Doman vs trust domain https://github.com/oauth-wg/oauth-transaction-tokens/issues/145 [pre-last-call]
* oauth-wg/oauth-selective-disclosure-jwt (+1/-0/💬3)
1 issues creat
Nick,
As Dick indicated below, get a slide deck ready with your ideas, and Hannes
and I will make sure to allocate some time during one the OAuth WG sessions
to discuss this.
Regards,
Rifaat
On Sat, Feb 1, 2025 at 6:11 AM Dick Hardt wrote:
> Hey Nick, note that 2.1 does not introduce the man
Hey Nick, note that 2.1 does not introduce the mandate, it is in the OAuth
Security BCP.
While I agree that a refresh token expiry is handy, an AS can expire both a
refresh token and an access token at any time. It is only an upper bound,
just like the access token expiry.
If you will be at IETF
