issues
search
oauth-wg
/
draft-ietf-oauth-attestation-based-client-auth
Other
12
stars
6
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
remove annex as key attestations are moved out of scope for now
#93
paulbastian
closed
3 weeks ago
1
add typ values
#92
paulbastian
closed
3 weeks ago
1
add RATS relation
#91
paulbastian
closed
3 weeks ago
0
Restructure text and add alternative representation
#90
c2bo
closed
3 weeks ago
1
Remove backslash for line wrapping from examples
#89
c2bo
opened
3 weeks ago
0
Delete key attestation example from the Annex
#88
paulbastian
closed
3 weeks ago
0
fix PoP examples to include jti and nonce
#87
paulbastian
closed
1 month ago
0
Restructure sections for presentation of attestation
#86
c2bo
closed
3 weeks ago
1
Take lessons learned from nonce endpoint in OpenID4VCI and apply to this draft
#85
paulbastian
opened
1 month ago
0
Rewrite introduction that the main purpose is not about key attestation
#84
paulbastian
opened
1 month ago
0
add christian as author
#83
c2bo
closed
2 months ago
0
add http field name (header) iana registration
#82
c2bo
closed
2 months ago
0
client_id optional in the request body
#81
Sakurann
opened
3 months ago
1
fix broken links after moving the repo
#80
c2bo
closed
5 months ago
0
Usage of "public clients" / "deployments traditionally viewed as a public client"
#79
paulbastian
opened
5 months ago
3
new HTTP headers are supposed to request their registration
#78
bc-pi
closed
2 months ago
0
Update client attestation pop to include JTI and nonce
#77
tplooker
closed
1 month ago
0
Explicitly state the client attestation mechanism can be used at other endpoints such as PAR
#76
tplooker
closed
3 weeks ago
0
Make PoP optional
#75
nikosft
closed
5 months ago
2
feat: initial proposal to use http headers
#74
tplooker
closed
5 months ago
19
Add relevant oauth error responses to token requests when the client attestation is invalid
#73
tplooker
opened
7 months ago
0
Add required typ values for the client-attestation and client-attestation-pop in line with JWT BCP
#72
tplooker
closed
3 weeks ago
2
Propose to change the draft name
#71
tlodderstedt
opened
7 months ago
2
Register AS and client metadata for algorithm negotiation of attestations and pops
#70
tplooker
opened
7 months ago
0
Usecase: authenticating the key used for DPoP bound access tokens back to the client
#69
tplooker
opened
9 months ago
0
Introducing a general purpose assertion-based client authentication with holder-of-key JWT
#68
ju-cu
opened
10 months ago
5
feat: initial proposal to use dpop
#67
tplooker
closed
7 months ago
15
Include guidance to use token_endoint_auth_methods_support
#66
paulbastian
opened
11 months ago
0
Update draft-ietf-oauth-attestation-based-client-auth.md
#65
paulbastian
closed
11 months ago
0
Adds server-provided nonces for Client Attestation PoP JWT freshness verification
#64
pmhsfelix
opened
1 year ago
15
Add text on cnf key rotation
#63
cobward
closed
9 months ago
2
IETF 118: Overlap/Synergies with "Attestation in Dynamic Client Registration Draft"
#62
paulbastian
opened
1 year ago
2
IETF 118 : Should this mechanism be used in parallel with Client Authentication /with Dynamic Client Registration
#61
paulbastian
opened
1 year ago
18
IETF 118: Refer / Explain relation to RATS and the RATS terminology
#60
paulbastian
closed
3 weeks ago
1
Using a server provided nonce to limit the lifetime of a Client Attestation PoP JWT
#59
pmhsfelix
opened
1 year ago
6
Extend the draft to define a new grant type
#58
Sakurann
opened
1 year ago
1
Refresh token binding after attestation expiration
#57
cobward
closed
9 months ago
11
Authorization code binding to client instance
#56
cobward
opened
1 year ago
3
update acknowledments
#55
paulbastian
closed
1 year ago
0
replay attack prevention
#54
paulbastian
closed
1 year ago
0
remove JWT ID from Client Attestation JWT
#53
paulbastian
closed
1 year ago
0
redesigning sequence diagram for introduction
#52
paulbastian
closed
1 year ago
0
add text on aal
#51
paulbastian
closed
2 months ago
2
Update referenced rfcs
#50
paulbastian
closed
1 year ago
0
Replay prevention
#49
paulbastian
closed
1 year ago
1
add text on aal
#48
paulbastian
closed
1 year ago
1
PoP attestation binding
#47
peppelinux
opened
1 year ago
5
extend use beyond authorization servers
#46
peppelinux
closed
3 weeks ago
11
[client_assertion_pop] JWTs concatenated and separated by ~ vs self-explanatory parameter names
#45
peppelinux
closed
1 year ago
4
add to acknowledgments
#44
bc-pi
closed
1 year ago
1
Next