Hi all, Here is the updated Transaction Tokens draft, which is on the agenda for Prague. In the new draft, we have incorporated the feedback received in IETF 117, as well as removed the "Nested Transaction Tokens" part. Salient points are:
1. Transaction Tokens now have separate claims for: - Requester context, with defined optional fields within it. - Purpose - Authorization details 2. There is now an audience claim, whose value is the trust domain of the Transaction Token 3. Removed nesting and as a result the draft no longer depends on the jWT Embedded Tokens draft. https://datatracker.ietf.org/doc/draft-tulshibagwale-oauth-transaction-tokens/05/ Looking forward to discussing this in Prague, Atul
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth