Caching token introspection results #261
Comments
xmlgrrl
added
core
|
For reference/completeness, there's some discussion on the list here (nothing that changes the recommendation as far as I can see, though). |
|
Referenced in what will be rev 11 of Core. No need to mention in Security Considerations because we say "As well, implementers should take into account the security considerations in all other normatively referenced specifications." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We don't say anything yet. Recommend to inherit IETF RFC 7662 (Token Introspection) Section 4 (Security Considerations) by normative reference, from our "Resource Server Determines RPT Status" section and probably also from our Security Considerations section as appropriate:
https://tools.ietf.org/html/rfc7662#section-4
The text was updated successfully, but these errors were encountered: