Re: [OAUTH-WG] DPoP followup II: confirmation style

On Thu, Dec 3, 2020 at 5:55 PM wrote: > I think this topic is related to the question of "followup I: freshness and > > coverage of signature". The option 2 for the followup I will also break > AS/RS > > symmetry. If we choose the option 2 for followup I, I think we might as > well > > choose the

Re: [OAUTH-WG] DPoP followup II: confirmation style

n Campbell Sent: Thursday, December 3, 2020 7:29 AM To: oauth Subject: [OAUTH-WG] DPoP followup II: confirmation style There were a few items discussed somewhat during the recent interim<https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth> that I committed to bringing

Re: [OAUTH-WG] DPoP followup II: confirmation style

Strongly in favour of 2. I think history shows that successful standards make security checks hard to get wrong rather than merely easy to get right. — Neil > On 2 Dec 2020, at 22:28, Brian Campbell > wrote: > > There were a few items discussed somewhat during the recent interim >