Draft -03

aaronpk released this 23 Jul 01:25

· 2 commits to main since this release

draft-parecki-oauth-client-id-metadata-document-03

3aafad4

Prohibit all forms of symmetric client authentication, not just client secret
Added recommendations for development when clients are not on the web
Added reference to HTTP Caching RFC9111
Added security considerations around domain trust and changes in client keys
Updated references

Assets 2