Re: [OAUTH-WG] DPoP - access token hash format

2021-10-27 Thread Brian Campbell
There are discussions around this in the mail and meeting archives, if you want to dig into it. But generally the "at_hash" approach has proven to be complicated while not really achieving the algorithm agility it aims for. We opted for something more straightforward with "ath" in DPoP. On Wed, Oct

[OAUTH-WG] DPoP - access token hash format

2021-10-27 Thread Dmitry Telegin
As of -03, the "ath" DPoP proof claim has been introduced:

> ath: hash of the access token (REQUIRED). The value MUST be the result of a
> base64url encoding (with no padding) the SHA-256 hash of the ASCII encoding
> of the associated access token's value.

OpenID Connect has a similar concept
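
An added example, not part of the thread and not code from the DPoP draft: the "ath" computation quoted above next to OpenID Connect's "at_hash", plus the comparison a resource server would run against the presented token. The function names, the alg table and the sample tokens are assumptions made for illustration; the at_hash rule (left-most half of the hash named by the ID Token's alg) comes from OpenID Connect Core, not from this page.

```python
import base64
import hashlib
import hmac

# Constructed sample tokens, not real credentials.
SAMPLE_TOKEN = "constructed-access-token-0123456789"
OTHER_TOKEN = "constructed-access-token-9876543210"

# Illustrative subset: JWS alg of the ID Token -> hash that at_hash must use.
AT_HASH_ALGS = {
    "RS256": "sha256", "ES256": "sha256", "PS256": "sha256",
    "RS384": "sha384", "ES384": "sha384",
    "RS512": "sha512", "ES512": "sha512",
}


def _b64url(data: bytes) -> str:
    # base64url with the trailing '=' padding removed
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def compute_ath(access_token: str) -> str:
    """DPoP ath: always SHA-256, full digest, no dependence on any alg."""
    return _b64url(hashlib.sha256(access_token.encode("ascii")).digest())


def compute_at_hash(access_token: str, id_token_alg: str) -> str:
    """OIDC at_hash: hash picked by the ID Token's alg, left-most half only."""
    name = AT_HASH_ALGS[id_token_alg]  # KeyError for algs outside the table
    digest = hashlib.new(name, access_token.encode("ascii")).digest()
    return _b64url(digest[: len(digest) // 2])


def ath_matches(proof_claims: dict, presented_token: str) -> bool:
    """Resource-server check: is the proof bound to the token it came with?"""
    ath = proof_claims.get("ath")
    if not isinstance(ath, str):
        return False  # claim missing or wrong type
    try:
        expected = compute_ath(presented_token).encode("ascii")
        received = ath.encode("utf-8")
    except UnicodeEncodeError:
        return False  # token is not ASCII, or claim is not encodable
    # Constant-time comparison; a padded or truncated value does not match.
    return hmac.compare_digest(received, expected)
```

The at_hash output length changes with the ID Token's signing algorithm (22, 32 or 43 characters here), while ath is always 43 characters.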