Minor Updates to OAuth DPoP Prior to IETF 113 in Vienna

On March 3, 2022

OAuth logo The editors have applied some minor updates to the OAuth DPoP specification in preparation for discussion at IETF 113 in Vienna. Updates made were:

Renamed the always_uses_dpop client registration metadata parameter to dpop_bound_access_tokens.
Clarified the relationships between server-provided nonce values, authorization servers, resource servers, and clients.
Improved other descriptive wording.

The specification is available at:

https://tools.ietf.org/id/draft-ietf-oauth-dpop-06.html

You must be logged in to post a comment.

Musings on Digital Identity

Minor Updates to OAuth DPoP Prior to IETF 113 in Vienna

Leave a Reply

Minor Updates to OAuth DPoP Prior to IETF 113 in Vienna

Four Months of Refinements to OAuth DPoP

Two new COSE- and JOSE-related Internet Drafts with Tobias Looker

Leave a Reply