Yes. Xbox One and its partners have been using this since its launch. The following token claims are from a production trace captured in early 2013:
{ "iss":"xas.xboxlive.com", "aud":"http://auth.xboxlive.com", "exp":"1361398824", "nbf":"1360189224", "cnf":{ "jwk":{ "kty":"EC", "use":"sig", "crv":"P-256", "x":"18wHLeIgW9wVN6VD1Txgpqy2LszYkMf6J8njVAibvhM", "y":"-V4dS4UaLMgP_4fY4j8ir7cl1TXlFdAgcx55o7TkcSA" } } } -- Mike -----Original Message----- From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Kathleen Moriarty Sent: Sunday, December 13, 2015 7:14 PM To: oauth@ietf.org Subject: [OAUTH-WG] implementations of draft-ietf-oauth-proof-of-possession Hi, Are there any implementations of draft-ietf-oauth-proof-of-possession? Thanks! -- Best regards, Kathleen _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth