OAuth DPoP specification is in the hands of the RFC Editor

On May 3, 2023

OAuth logo The OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP) specification was approved by the IESG and is now in the hands of the RFC Editor in preparation for publication as an RFC. In a related development, the multiple IANA registrations requested by the specification are already in place.

As Vittorio Bertocci wrote, “One of the specs with the highest potential for (positive) impact in recent years.” I couldn’t agree more!

The latest version of the specification is available at:

https://tools.ietf.org/id/draft-ietf-oauth-dpop-16.html

Implement and deploy early and often!

You must be logged in to post a comment.

Musings on Digital Identity

OAuth DPoP specification is in the hands of the RFC Editor

Leave a Reply

OAuth DPoP specification is in the hands of the RFC Editor

First Public Working Draft of Securing Verifiable Credentials using JSON Web Tokens

Initial Reanimiated JOSE Working Group Specifications Published

Leave a Reply