Re: [OAUTH-WG] How to enforce PKCE in authorization servers with a mix OAuth 2.0 and 2.1 clients?

2022-10-08 Thread Vladimir Dzhuvinov
Thanks for chiming in, Dima. Do you reckon it's a good idea to define a code_challenge_method client reg parameter in the OAuth 2.1 spec? To enable 2.0 -> 2.1 transitions and also give people a concrete and standards-compliant way to implement the "REQUIRED or RECOMMENDED" in the OAuth 2.1 spe

Re: [OAUTH-WG] How to enforce PKCE in authorization servers with a mix OAuth 2.0 and 2.1 clients?

2022-10-08 Thread Vladimir Dzhuvinov
Hi Brock, Right, so it's already happening :) My honest preference is to give people a standard code_challenge_method client reg parameter for this job and eliminate guesswork. ~ Vladimir Vladimir Dzhuvinov On 08/10/2022 05:38, Brock Allen wrote: > Has anyone faced the issue how an AS can

[OAUTH-WG] Fwd: IETF 115 Preliminary Agenda

2022-10-08 Thread Rifaat Shekh-Yusef
We have two official sessions: the first one is *Monday morning* and the second one is *Wednesday afternoon*. Regards, Rifaat -- Forwarded message - From: IETF Agenda Date: Fri, Oct 7, 2022 at 5:49 PM Subject: IETF 115 Preliminary Agenda To: Working Group Chairs IETF 115 Lo

Re: [OAUTH-WG] How to enforce PKCE in authorization servers with a mix OAuth 2.0 and 2.1 clients?

2022-10-08 Thread Dima Postnikov
Hi Vladimir. Client registration parameter sounds like a good idea to me. In terms of which document this goes to, I wonder if PKCE RFC7636 could be updated to add this. This way ecosystems using PKCE in OAuth 2.0 could benefit from this too. Thanks Dima On Sat, Oct 8, 2022 at 9:27 PM Vlad