Do we need additional clarification on re-using sender constraining mechanisms?

oauth-wg / oauth-identity-chaining

Draft specification for Identity Chaining

https://drafts.oauth.net/oauth-identity-chaining/draft-ietf-oauth-identity-chaining.html

Other

4 stars 3 forks source link

Do we need additional clarification on re-using sender constraining mechanisms? #105

Open PieterKas opened 2 weeks ago

PieterKas commented 2 weeks ago

Processing rule 2.3.2 requires PoP - how should PoP be done for token exchange? Is this defined in MTLS or DPoP (I am unable to find a specific reference in DPoP on how this should be used with Token Exchange specifically).