Hi all,
I filed https://github.com/oauthstuff/draft-ietf-oauth-security-topics/pull/86
as a result of discussions at IETF in Prague but it seems to have stalled.
What text are we going to add to draft-ietf-oauth-security-topics to prevent
use of a constant PKCE challenge value, if not that proposed in the PR? We
should address this before publication.
Best wishes,
-- Mike
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
