You really need to make it clear that these are native not web. Please point me to demo.
thx ..Tom (mobile) On Wed, Jul 26, 2023, 2:32 PM Paul Bastian <paul.bast...@posteo.de> wrote: > Hello Tom, > The client attestation draft does not make any suggestions on the > architecture but gives a general purpose mechanism how to authenticate a > client in OAuth using an attestation. > The primary/first use case for this is public clients for high assurance > credentials with OpenID4VCI in eIDAS, focusing on mobile apps and not on > web wallets. For this use case we already developed a demonstrator and > presented this at last IIW. > How the authorisation server trusts the attestation of the client > backend(the attestation service) is out of scope of this specification, but > will ultimately be solved by prearranged trust relations or trust > frameworks with trust lists. > Best regards, Paul > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
