I made a (late) review of draft-ietf-oauth-proof-of-possession-06 and as with draft-ietf-oauth-pop-architecture-05 I think it’s in really good shape and it’s not much to comment on.
The only thing that I could mention is that the introduction of the “jwk” member in the following text is a bit abrupt: When the key held by the presenter is an asymmetric private key, the "jwk" member is a JSON Web Key (JWK) [JWK<https://tools.ietf.org/html/draft-ietf-oauth-proof-of-possession-06#ref-JWK>] representing the corresponding asymmetric public key. It’s the first time the member is introduced. Same on “jwe". Otherwise, as I said. It’s in really good shape. / Erik
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
