gt;>
>> Works for me.
>>
>>
>>
>> From: OAuth On Behalf Of Torsten Lodderstedt
>> Sent: Friday, May 1, 2020 2:51 AM
>> To: Brian Campbell
>> Cc: oauth
>> Subject: Re: [OAUTH-WG] PAR - Can AS/client require request object?
>>
>&g
Torsten.
>>
>> > On 1. May 2020, at 17:56, Mike Jones > 40microsoft@dmarc.ietf.org> wrote:
>> >
>> > Works for me.
>> >
>> >
>> >
>> > From: OAuth On Behalf Of Torsten Lodderstedt
>> > Sent: Friday, May 1, 2020 2:51 AM
&
best regards,
> Torsten.
>
> > On 1. May 2020, at 17:56, Mike Jones 40microsoft@dmarc.ietf.org> wrote:
> >
> > Works for me.
> >
> >
> >
> > From: OAuth On Behalf Of Torsten Lodderstedt
> > Sent: Friday, May 1, 2020 2:51 AM
> > To:
ike Jones
> wrote:
>
> Works for me.
>
>
>
> From: OAuth On Behalf Of Torsten Lodderstedt
> Sent: Friday, May 1, 2020 2:51 AM
> To: Brian Campbell
> Cc: oauth
> Subject: Re: [OAUTH-WG] PAR - Can AS/client require request object?
>
Works for me.
From: OAuth On Behalf Of Torsten Lodderstedt
Sent: Friday, May 1, 2020 2:51 AM
To: Brian Campbell
Cc: oauth
Subject: Re: [OAUTH-WG] PAR - Can AS/client require request object?
Filip´s proposal works for me.
Are there any objections?
Brian Campbell
mailto:40pingidentity
Works for me also
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
Filip´s proposal works for me.
Are there any objections?
Brian Campbell schrieb am Mo.
27. Apr. 2020 um 20:57:
> While there are certainly different permutations and contexts of use that
> could be imagine, I tend to agree with Filip here in not seeing a strong
> need to define new PAR
While there are certainly different permutations and contexts of use that
could be imagine, I tend to agree with Filip here in not seeing a strong
need to define new PAR specific metadata around signing/encryption of the
request object.
On Mon, Apr 27, 2020 at 2:35 AM Filip Skokan wrote:
>
Considering there's going to be a setting that forces clients to use PAR
(other mailinglist thread), then we should rely on the existing
`request_object_signing_alg` presence to indicate a Request Object must be
used (as suggested by this upcoming OIDC Core errata
Hi all,
this is one of the topics we quickly flipped through in the virtual meeting
last week.
I see the following open questions:
- Can the client require its instances to use request objects only.
- Are there further requirements on the properties of these objects? Signed
only, Signed and
10 matches
Mail list logo