There is a collision between the "nonce" parameter used in ACE and the "nonce" parameter defined by OpenID connect (see: https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml). We have thus changed the parameter from "nonce" -> "cnonce" (initially for client-nonce) in the framework. This draft still uses 'nonce' in several places as e.g.
Figure 10
Figure 11
First paragraph of 4.1 ("...using the 'nonce' parameter defined in ...")
Second paragraph of 4.2 ("...containing the 'nonce' parameter ...")
First paragraph of 4.3 ("...from the 'nonce' parameter and the client identifier ...")
There is a collision between the "nonce" parameter used in ACE and the "nonce" parameter defined by OpenID connect (see: https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml). We have thus changed the parameter from "nonce" -> "cnonce" (initially for client-nonce) in the framework. This draft still uses 'nonce' in several places as e.g.