On 02/04/2016 05:14 PM, John Bradley wrote:
In https://tools.ietf.org/html/draft-ietf-oauth-pop-key-distributionThe proof key is included in the access token or provided out of band. The proof mechanism to the RS is what would determine if the key type needs to match DTLS . If the proof is DTLS then they would need to match.
Thank you John, this leads me to another question (maybe I just missed it in the PoP drafts): Who decides what the proof mechanism should be? How is the proof mechanism signaled to the client (the client may support several proof mechanisms)?
/Ludwig -- Ludwig Seitz, PhD SICS Swedish ICT AB Ideon Science Park Building Beta 2 Scheelevägen 17 SE-223 70 Lund Phone +46(0)70 349 9251 http://www.sics.se
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
