draft-ietf-oauth-attestation-based-client-auth-07

@paulbastian released this 15 Sep 11:08
c461599
  • remove restrictions to not allow MAC-based algorithms
  • require iat in Client Attestation PoP JWT
  • clarify use_attestation_challenge and add invalid_client_attestation
  • add client_attestation_signing_alg_values_supported and client_attestation_pop_signing_alg_values_supported to IANA registration
  • add implementation consideration for Authorization Server Metadata
  • clarify refresh token binding
  • check client_id at PAR endpoint
  • added use_fresh_attestation as an error to signal that the attestation was not deemed fresh enough by the server
  • mandate the defined header fields if the attestation and pop are transferred via header fields