Re: [OAUTH-WG] Digest for DPoP

Hi Roberto, The SHMIP draft is in the OIDF's FAPI repository https://bitbucket.org/openid/fapi/src/master/ and mailing list is https://lists.openid.net/mailman/listinfo/openid-specs-fapi The GNA

Re: [OAUTH-WG] Digest for DPoP

Hi @all, I'm planning to read those I-D as they might be useful in a project, and I'm happy to provide feedback on digest usage. In general, when building protocols over HTTP it is necessary to take into account the semantics (eg. range requests, caching, ...) because reverse proxies, WAF and api

Re: [OAUTH-WG] Digest for DPoP

My inclination is to keep digest[1] out of the base DPoP document. I do believe that including it would add unneeded complexity to regular old DPoP (there are some subtleties around digest that make it more complicated than one might expect) and, from a design philosophy perspective, DPoP has alway