Skip to content
Internet Draft: OAuth 2.0 Demonstration of Proof-of-Possession at the Application-layer
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information. Edits resulting from Mike's review of the initial draft Mar 27, 2019 Added normalization rules for URIs. Apr 2, 2019

OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer

This document defines an application-level sender-constraint mechanism for OAuth 2.0 access tokens and refresh tokens that can be applied when neither mTLS nor OAuth Token Binding are utilized. It achieves proof-of-possession using a public/private key pair.

Written in markdown for the mmark processor.

Compiling: mmark -2 > draft.xml; xml2rfc --legacy --html draft.xml

You can’t perform that action at this time.