oauth-wg draft-ietf-oauth-attestation-based-client-auth issues

oauth-wg / draft-ietf-oauth-attestation-based-client-auth

Other

8 stars 7 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

add christian as author

#83 c2bo closed 1 week ago
0
add http field name (header) iana registration

#82 c2bo closed 1 week ago
0
client_id optional in the request body

#81 Sakurann opened 1 month ago
1
fix broken links after moving the repo

#80 c2bo closed 3 months ago
0
Usage of "public clients" / "deployments traditionally viewed as a public client"

#79 paulbastian opened 3 months ago
0
new HTTP headers are supposed to request their registration

#78 bc-pi closed 1 week ago
0
Update client attestation pop to include JTI and nonce

#77 tplooker opened 3 months ago
0
Explicitly state the client attestation mechanism can be used at other endpoints such as PAR

#76 tplooker opened 3 months ago
0
Make PoP optional

#75 nikosft closed 3 months ago
2
feat: initial proposal to use http headers

#74 tplooker closed 3 months ago
19
Add relevant oauth error responses to token requests when the client attestation is invalid

#73 tplooker opened 5 months ago
0
Add required typ values for the client-attestation and client-attestation-pop in line with JWT BCP

#72 tplooker opened 5 months ago
1
Propose to change the draft name

#71 tlodderstedt opened 5 months ago
2
Register AS and client metadata for algorithm negotiation of attestations and pops

#70 tplooker opened 5 months ago
0
Usecase: authenticating the key used for DPoP bound access tokens back to the client

#69 tplooker opened 7 months ago
0
Introducing a general purpose assertion-based client authentication with holder-of-key JWT

#68 ju-cu opened 7 months ago
5
feat: initial proposal to use dpop

#67 tplooker closed 5 months ago
15
Include guidance to use token_endoint_auth_methods_support

#66 paulbastian opened 9 months ago
0
Update draft-ietf-oauth-attestation-based-client-auth.md

#65 paulbastian closed 9 months ago
0
Adds server-provided nonces for Client Attestation PoP JWT freshness verification

#64 pmhsfelix opened 9 months ago
15
Add text on cnf key rotation

#63 cobward closed 6 months ago
2
IETF 118: Overlap/Synergies with "Attestation in Dynamic Client Registration Draft"

#62 paulbastian opened 10 months ago
2
IETF 118 : Should this mechanism be used in parallel with Client Authentication /with Dynamic Client Registration

#61 paulbastian opened 10 months ago
18
IETF 118: Refer / Explain relation to RATS and the RATS terminology

#60 paulbastian opened 10 months ago
1
Using a server provided nonce to limit the lifetime of a Client Attestation PoP JWT

#59 pmhsfelix opened 10 months ago
6
Extend the draft to define a new grant type

#58 Sakurann opened 10 months ago
1
Refresh token binding after attestation expiration

#57 cobward closed 6 months ago
11
Authorization code binding to client instance

#56 cobward opened 10 months ago
3
update acknowledments

#55 paulbastian closed 10 months ago
0
replay attack prevention

#54 paulbastian closed 10 months ago
0
remove JWT ID from Client Attestation JWT

#53 paulbastian closed 10 months ago
0
redesigning sequence diagram for introduction

#52 paulbastian closed 10 months ago
0
add text on aal

#51 paulbastian closed 2 weeks ago
2
Update referenced rfcs

#50 paulbastian closed 10 months ago
0
Replay prevention

#49 paulbastian closed 10 months ago
1
add text on aal

#48 paulbastian closed 11 months ago
1
PoP attestation binding

#47 peppelinux opened 11 months ago
5
extend use beyond authorization servers

#46 peppelinux opened 11 months ago
11
[client_assertion_pop] JWTs concatenated and separated by ~ vs self-explanatory parameter names

#45 peppelinux closed 11 months ago
4
add to acknowledgments

#44 bc-pi closed 1 year ago
1
fix: generalise the client authentication section

#43 tplooker closed 12 months ago
0
fix refresh token binding issue

#42 tplooker closed 12 months ago
0
fix: cnf claim definition in client attestation

#41 tplooker closed 12 months ago
0
fix: jti usage language

#40 tplooker closed 1 year ago
0
Replay prevention

#39 paulbastian opened 1 year ago
3
endpoint URL in pop JWT?

#38 tlodderstedt closed 10 months ago
4
Client Attestation PoP JWT does not contain mandatory "jti" claim

#37 tlodderstedt closed 1 year ago
0
Sender-Constrained Access Token

#36 TakahikoKawasaki closed 7 months ago
5
Should token_endpoint_auth_signing_alg be considered?

#35 TakahikoKawasaki opened 1 year ago
5
PoP JWT example is not consistent with spec text

#34 bc-pi closed 1 year ago
1