Hi Karsten,
I've read the specification and implemented it. I think that the
specification is good enough for implementers. Actually, the latest version
of my company's product supports the specification and has already been
rolled out. The release note of the version mentions the specification.
Hi Brian,
thank you for your feedback.
I agree that the language is too strong here. What do you think about
this new note?
Note: The "JWT Secured Authorization Response Mode for OAuth 2.0
(JARM)" [JARM] defines a mechanism that conveys all authorization
response parameters in a JWT. This