A question came up in a conversation with a developer: https://tools.ietf.org/html/draft-ietf-oauth-mtls-07#section-2.2.2
What should the AS do when authenticating a client when the client has registered a JWK (jwks_uri) with a "x5t#S256" parameter instead of a "x5c"? 1. Ignore the registered cert "x5t#S256" and match the key material of the received cert with the key material of the registered JWK. 2. Match the registered cert "x5t#S256" with the "x5t#S256" of the received cert. 3. Something else? Thanks, Vladimir
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth