search

oauth-wg / oauth-browser-based-apps

Best practices for OAuth in Browser-Based Apps
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps
Other
22 stars 12 forks source link

DPoP #32

Closed criztovyl closed 5 months ago

criztovyl commented 5 months ago

The application can use DPoP to ensure its access tokens are bound to non-exportable key linked to the browser.

this reads strange, not sure, but is there an "a" or "s" missing?

[...] bound to a non-exportable key linked to the browser.

[...] bound to non-exportable keys linked to the browser.

https://github.com/oauth-wg/oauth-browser-based-apps/blob/11ee6bc7997b3226c140fca219b9bcb629188089/draft-ietf-oauth-browser-based-apps.md?plain=1#L322

aaronpk commented 5 months ago

Good catch, thanks

aaronpk commented 5 months ago

Fixed in c593337de1055185b9d41783bf3e16ac922f9231