Closed Denisthemalice closed 2 years ago
Section 12.3 (Protection of Client Instance Key Material) states:
"Client instances are identified by their unique keys".
The rational for authentication client instances using a unique key is not explained.
An access token contains the rights or privileges of a human user and not those for a client instance.
The relationship between client instances and end-users is not explained.
The end user, when they are present, operates the client instance as enumerated in the definitions and discussed several times in many issues.
Closing as duplicate.
Section 12.3 (Protection of Client Instance Key Material) states:
The rational for authentication client instances using a unique key is not explained.
An access token contains the rights or privileges of a human user and not those for a client instance.
The relationship between client instances and end-users is not explained.