Skip to content

Commit

Permalink
Update draft-ietf-wimse-s2s-protocol.md
Browse files Browse the repository at this point in the history
Co-authored-by: jsalowey <[email protected]>
  • Loading branch information
yaronf and jsalowey authored Oct 13, 2024
1 parent 701797c commit 8c8811c
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion draft-ietf-wimse-s2s-protocol.md
Original file line number Diff line number Diff line change
Expand Up @@ -519,7 +519,10 @@ and/or in specific deployment scenarios.
- In general, Message Signatures provide greater flexibility compared to
the DPoP-inspired approach. The draft (and subsequent implementations) can decide
whether specific aspects of message signing, such as coverage of particular fields,
should be mandatory or optional.
should be mandatory or optional. Covering more fields will constrain the proof
so it cannot be easily reused in another context, which is often a security improvement. The DPoP inspired approach could
be designed to include extensibility to sign other fields, but this makes it closer to
trying to reinvent message signatures.

# Using Mutual TLS for Service To Service Authentication {#mutual-tls}

Expand Down

0 comments on commit 8c8811c

Please sign in to comment.