In http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-09, see the definition
of "jwks_uri", which enables the client's JWK Set document to be communicated
to the OAuth server out of band from the JWTs (and JOSE objects underlying
them) later used. Also see "token_endpoint_auth_method" and especially the
"client_secret_jwt" and "private_key_jwt" authentication methods.
-- Mike
From: [email protected] [mailto:[email protected]] On Behalf Of Jim
Schaad
Sent: Thursday, April 18, 2013 2:49 PM
To: Mike Jones
Cc: [email protected]
Subject: [jose] OAUTH and implicit key identifiers
Mike,
I have tried to go through the OAuth documents in order to find where and how
they have implicit key identifiers set up for tokens. I was unable to find
this. Can you please give me a concrete pointer to where this text is?
Jim
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
