The OAuth 2.0 Token Binding specification has been updated to enable Token Binding of JWT Authorization Grants and JWT Client Authentication. The discussion of phasing in Token Binding was improved and generalized. See the Document History section for other improvements applied.
The specification is available at: * https://tools.ietf.org/html/draft-ietf-oauth-token-binding-05 An HTML-formatted version is also available at: * http://self-issued.info/docs/draft-ietf-oauth-token-binding-05.html An update to the closely-related OpenID Connect Token Bound Authentication 1.0 specification was also simultaneously published. Its discussion of phasing in Token Binding was correspondingly updated. The OpenID Connect Token Binding specification is available in HTML and text versions at: * http://openid.net/specs/openid-connect-token-bound-authentication-1_0-02.html * http://openid.net/specs/openid-connect-token-bound-authentication-1_0-02.txt Thanks to Brian Campbell for doing the bulk of the editing for both sets of revisions. -- Mike P.S. This note was also published at http://self-issued.info/?p=1740 and as @selfissued<https://twitter.com/selfissued>.
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
