13, 2016 2:48 PM
*To:* Mike Jones ; oauth@ietf.org
*Subject:* Re: [OAUTH-WG] Using Referred Token Binding ID for Token
Binding of Access Tokens
Hi Mike,
does this mean the binding ID is indicated to the authorization server
via a respective HTTP header? I'm asking because I didn'
.
-- Mike
From: Torsten Lodderstedt [mailto:tors...@lodderstedt.net]
Sent: Sunday, November 13, 2016 2:48 PM
To: Mike Jones ; oauth@ietf.org
Subject: Re: [OAUTH-WG] Using Referred Token Binding ID for Token Binding of
Access Tokens
Hi Mike,
does this
Hi Mike,
does this mean the binding ID is indicated to the authorization server
via a respective HTTP header? I'm asking because I didn't find the
respective parameter in the draft.
Could you add a HTTP request example? I think that would help a lot to
better understand the mechanism.
best
The OAuth Token Binding specification has been revised to use the Referred
Token Binding ID when performing token binding of access tokens. This was
enabled by the Implementation Considerations in the Token Binding HTTPS
specification being added to make it clear that Token Binding implementati
