Here are the slides that I rushed though at the end of the Dallas meeting: https://www.ietf.org/proceedings/92/slides/slides-92-oauth-1.pdf
And the -00 draft: http://tools.ietf.org/html/draft-campbell-oauth-dst4jwt-00 In an informal discussion earlier this week John B. suggested that some additional thinking and/or clarification is needed with regard to what parts of the URI to include and check. Particularly with respect to query and fragment. And he's probably right.
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
