Skip to content

draft-ietf-oauth-attestation-based-client-auth-06

Latest
Compare
Choose a tag to compare
@c2bo c2bo released this 07 Jul 07:18
· 5 commits to main since this release
b89ad41
  • clarify usage of client attestation outside of oauth2 applications
  • add oauth error response values invalid_client_attestation and use_attestation_challenge
  • revert the HTTP OPTIONS mechanism to fetch nonces and add a dedicated challenge endpoint
  • rename nonce to challenge
  • rewrite security consideration on replay attacks
  • add implementation consideration on replay attacks
  • remove exp from Client Attestation PoP JWT