> Am 02.03.2020 um 17:52 schrieb Takahiko Kawasaki <[email protected]>:
> 
> The requirement for "jti" described
> in draft-ietf-oauth-jwt-introspection-response-08 is problematic.

I think having different jti values for different requests is a security risk.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to