The overview document is draft-hunt-oauth-pop-architecture-00 For the client requesting POP tokens and key draft-bradley-oauth-pop-key-distribution
For how to include the proof key info in a JWT (more generic than just access tokens) draft-jones-oauth-proof-of-possession The draft-sakimura-oauth-tcse spec is older and is about symmetric proof keys for code when using public clients, and not directly related to the new docs. The draft-tschofenig-oauth-hotk is how to use the pop AT at the RS. It needs some updating to align with draft-jones-oauth-proof-of-possession but is the general idea. I am going to do a version of draft-sakimura-oauth-tcse using asymmetric proof keys for discussion on how you could start with a public client generating a key-pair and tying the public key to code, refresh and access tokens. > draft-sakimura-oauth-rjwtprof was a discussion document for the WG. These are all independent drafts at the moment. The WG will look at them and decide how it wants to proceed with WG drafts, that may or may not be based on these. We are still trying to decide what sort of sausage to make. John B. On Apr 24, 2014, at 12:14 PM, Lewis Adam-CAL022 <adam.le...@motorolasolutions.com> wrote: > Hi, > > Lots of crypto drafts on OAuth popping up that I need to come up to speed on. > draft-bradley-oauth-pop-key-distribution-00 > draft-hunt-oauth-pop-architecture-00 > draft-jones-oauth-proof-of-possession-00 > draft-sakimura-oauth-rjwtprof-01 > draft-sakimura-oauth-tcse-03 > draft-tschofenig-oauth-hotk-03 > > Glad to see all the work, but is there a preferred reading order here? Which > ones build on each other vs. which ones are out there on their own? > > > -adam > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth