> Am 02.03.2020 um 17:52 schrieb Takahiko Kawasaki <t...@authlete.com>: > > The requirement for "jti" described > in draft-ietf-oauth-jwt-introspection-response-08 is problematic.
I think having different jti values for different requests is a security risk.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth