Thanks Brian, I committed a fix for this. -Daniel
Am 22.07.19 um 20:36 schrieb Brian Campbell: > The description of I-D.ietf-oauth-mtls in > https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13#section-4.8.1.2 > <https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13#section-4.8..1.2> > talks about binding to and checking against the fingerprint of the > public key from the client certificate. However, > https://tools.ietf.org/html/draft-ietf-oauth-mtls-15 uses a hash of > the whole certificate rather than of just the public key. > > /CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly > prohibited.. If you have received this communication in error, please > notify the sender immediately by e-mail and delete the message and any > file attachments from your computer. Thank you./ > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth