-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Workload Proof Token Binding to transport #40
Comments
It is currently (in -00) achieved partially though the |
@bc-pi So why not add the |
|
I imagine the same lofty goals applied to the original DPoP, and yet |
It was much more haphazard, if I recall correctly. |
Commenting as identity enthusiast as opposed to WIMSE co-chair
DPoP allows for inclusion of claims about the HTTP Method and URI of the recipient to avoid spurious re-use or re-purposing of the proof. Is this achieved through the aud claim, or do we need additional provisions/extensions for this in the Workload Proof Token.
The text was updated successfully, but these errors were encountered: