An updated OAuth Proof-of-Possession draft has been posted that address the open issues identified in the previous draft. Changes were:
- Defined the terms Issuer, Presenter, and Recipient and updated their usage within the document.
- Added a description of a use case using an asymmetric proof-of-possession key to the introduction.
- Added the “
kid” (key ID) confirmation method.
Thanks to Hannes Tschofenig for writing text to address the open issues.
This specification is available at:
An HTML formatted version is also available at: