Hi all, I filed https://github.com/oauthstuff/draft-ietf-oauth-security-topics/pull/86 as a result of discussions at IETF in Prague but it seems to have stalled. What text are we going to add to draft-ietf-oauth-security-topics to prevent use of a constant PKCE challenge value, if not that proposed in the PR? We should address this before publication.
Best wishes, -- Mike
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth