subject:"Re\: \[OAUTH\-WG\] Using Referred Token Binding ID for Token Binding of Access Tokens"

Re: [OAUTH-WG] Using Referred Token Binding ID for Token Binding of Access Tokens

2016-11-13 Thread Torsten Lodderstedt

13, 2016 2:48 PM *To:* Mike Jones ; oauth@ietf.org *Subject:* Re: [OAUTH-WG] Using Referred Token Binding ID for Token Binding of Access Tokens Hi Mike, does this mean the binding ID is indicated to the authorization server via a respective HTTP header? I'm asking because I didn'

Re: [OAUTH-WG] Using Referred Token Binding ID for Token Binding of Access Tokens

2016-11-12 Thread Mike Jones

. -- Mike From: Torsten Lodderstedt [mailto:tors...@lodderstedt.net] Sent: Sunday, November 13, 2016 2:48 PM To: Mike Jones ; oauth@ietf.org Subject: Re: [OAUTH-WG] Using Referred Token Binding ID for Token Binding of Access Tokens Hi Mike, does this

Re: [OAUTH-WG] Using Referred Token Binding ID for Token Binding of Access Tokens

2016-11-12 Thread Torsten Lodderstedt

Hi Mike, does this mean the binding ID is indicated to the authorization server via a respective HTTP header? I'm asking because I didn't find the respective parameter in the draft. Could you add a HTTP request example? I think that would help a lot to better understand the mechanism. best