Re: [OAUTH-WG] Standard URL parameter for mitigating RFC6819's threat 4.6.4?

Hi Josh, I'm not aware of a common practice to use such a parameter. The WG is instead heading towards authenticated requests to the resource server (see https://tools.ietf.org/html/rfc6819#section-5.4.2). Please take a look onto http://tools.ietf.org/html/draft-ietf-oauth-pop-architecture a

Re: [OAUTH-WG] Standard URL parameter for mitigating RFC6819's threat 4.6.4?

In POP key distribution we do introduce a "audiance" parameter to the token_endpoint. https://tools.ietf.org/html/draft-ietf-oauth-pop-key-distribution-01#section-3.1 It would be possible to have a small spec to