Closed criztovyl closed 5 months ago
The application can use DPoP to ensure its access tokens are bound to non-exportable key linked to the browser.
this reads strange, not sure, but is there an "a" or "s" missing?
[...] bound to a non-exportable key linked to the browser. [...] bound to non-exportable keys linked to the browser.
[...] bound to a non-exportable key linked to the browser.
[...] bound to non-exportable keys linked to the browser.
https://github.com/oauth-wg/oauth-browser-based-apps/blob/11ee6bc7997b3226c140fca219b9bcb629188089/draft-ietf-oauth-browser-based-apps.md?plain=1#L322
Good catch, thanks
Fixed in c593337de1055185b9d41783bf3e16ac922f9231
this reads strange, not sure, but is there an "a" or "s" missing?
https://github.com/oauth-wg/oauth-browser-based-apps/blob/11ee6bc7997b3226c140fca219b9bcb629188089/draft-ietf-oauth-browser-based-apps.md?plain=1#L322