These RFCs are all pertain to OAuth Client Authentication using signed
assertions:
* RFC 7521 - Assertion Framework for OAuth 2.0 Client Authentication and
Authorization Grants
* RFC 7522 - Security Assertion Markup Language (SAML) 2.0 Profile for
OAuth 2.0 Client Authentication and Authorization Grants
* RFC 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client
Authentication and Authorization Grants
I'd encourage you to think about whether using the JWT Profile, in particular,
would achieve the goals you're after.
Best wishes,
-- Mike
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
