Starting a new thread on this one: As you may have seen, I’ve updated the draft for applying HTTP Message Signatures to OAuth Access Tokens, and Aaron has joined as co-author. A pull for this work has come from a few different places lately and we’d like to see this move forward in the WG.
https://www.ietf.org/archive/id/draft-richer-oauth-httpsig-02.html Please read the draft, it’s not that long and I’ve left a bunch of editor’s notes in places that I think we’d want to address more directly or would need WG debate to come to a satisfying answer. — Justin
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
