A question came up in a conversation with a developer:

https://tools.ietf.org/html/draft-ietf-oauth-mtls-07#section-2.2.2

What should the AS do when authenticating a client when the client has
registered a JWK (jwks_uri) with an "x5t#S256" parameter instead of an "x5c"?

 1. Ignore the registered cert "x5t#S256" and match the key material of
    the received cert with the key material of the registered JWK.

 2. Match the registered cert "x5t#S256" with the "x5t#S256" of the
    received cert.

 3. Something else?


Thanks,

Vladimir


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
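
The two matching strategies from the question, side by side, as an added example that is not part of the original message or of the draft: it shows how options 1 and 2 diverge when a client re-issues its certificate for the same key, and takes no position on which one the draft requires. The `JWK` type, the helper names and the self-signed test certificates are constructed for illustration, and only EC P-256 keys are handled.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

// JWK is a hypothetical minimal EC P-256 JWK: x, y and "x5t#S256" as base64url strings.
type JWK struct{ X, Y, X5tS256 string }
var b64 = base64.RawURLEncoding
func coord(n *big.Int) string { return b64.EncodeToString(n.FillBytes(make([]byte, 32))) }

// Thumbprint computes "x5t#S256": base64url(SHA-256(DER of the certificate)).
func Thumbprint(c *x509.Certificate) string {
	sum := sha256.Sum256(c.Raw)
	return b64.EncodeToString(sum[:])
}
// MatchByKey is option 1: ignore "x5t#S256" and compare public key material only.
func MatchByKey(j JWK, c *x509.Certificate) bool {
	got, ok := c.PublicKey.(*ecdsa.PublicKey)
	return ok && got.Curve == elliptic.P256() && j.X == coord(got.X) && j.Y == coord(got.Y)
}
// MatchByThumbprint is option 2: the presented certificate must be the registered one.
func MatchByThumbprint(j JWK, c *x509.Certificate) bool { return j.X5tS256 == Thumbprint(c) }

func must[T any](v T, err error) T { // fixture helper: panic on setup errors
	if err != nil {
		panic(err)
	}
	return v
}
func SelfSigned(key *ecdsa.PrivateKey, serial int64) *x509.Certificate { // constructed test cert
	tpl := &x509.Certificate{SerialNumber: big.NewInt(serial), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tpl, tpl, &key.PublicKey, key))))
}
// Demo registers a JWK pinned to certificate 1, then presents re-issued certificate 2 (same key).
func Demo() (byKey, byThumbprint bool) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	jwk := JWK{coord(key.X), coord(key.Y), Thumbprint(SelfSigned(key, 1))}
	renewed := SelfSigned(key, 2)
	return MatchByKey(jwk, renewed), MatchByThumbprint(jwk, renewed)
}
func main() { fmt.Println(Demo()) }
```

With the same key and a re-issued certificate, the key-material comparison accepts the client while the thumbprint comparison rejects it until the registered JWK is updated.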