I've updated my OP projects draft implementation to 02 as well as the example browser based client using DPoP for those interested
RP: https://murmuring-journey-60982.herokuapp.com OP: https://op.panva.cz/.well-known/openid-configuration As I've mentioned in the github issue tracker i think a server discovery medatata will be needed so that the RP can know upfront which DSAs are supported on the OP side to validate DPoP Proof JWTs with Best, *Filip Skokan* On Mon, 8 Jul 2019 at 15:30, Daniel Fett <danielf+oa...@yes.com> wrote: > All, > > In preparation for the meeting in Montreal, I just uploaded a new version > of the DPoP draft: > https://tools.ietf.org/html/draft-fett-oauth-dpop-02 > > Please have a look and let me know what you think. We should make this a > working group item soon. > > As you might have noticed, there is also a new version of the Security > Best Current Practice draft: > https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13 > > -Daniel > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth