Skip to content

Commit

Permalink
DPoP -> RFC9449
Browse files Browse the repository at this point in the history
  • Loading branch information
@aaronpk
aaronpk authored Oct 20, 2023
1 parent 01ad263 commit b3f8da4
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions public/2/dpop/index.php
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
<?php
$page_title = "OAuth 2.0 DPoP - Demonstrating Proof of Possession at the Application Layer";
$page_title = "OAuth 2.0 DPoP - Demonstrating Proof of Possession at the Application Layer- RFC9449";
$page_section = "";
$page_secondary = "";
$page_meta_description = "OAuth 2.0 DPoP - Demonstrating Proof of Possession at the Application Layer";
$page_meta_description = "OAuth 2.0 DPoP - Demonstrating Proof of Possession at the Application Layer - RFC9449";
require('../../../includes/_header.php');
?>
<div class="container">
Expand All @@ -14,11 +14,11 @@
</nav>
<div>

<h2>Draft: OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)</h2>
<h2>RFC9449: OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)</h2>

<p><a href="https://tools.ietf.org/html/draft-ietf-oauth-dpop" class="rfc">tools.ietf.org/html/draft-ietf-oauth-dpop</a></p>
<p><a href="https://datatracker.ietf.org/doc/html/rfc9449" class="rfc">datatracker.ietf.org/doc/html/rfc9449</a></p>

<p><a href="https://tools.ietf.org/html/draft-ietf-oauth-dpop">DPoP</a>, or Demonstrating Proof of Possession, is an extension that describes a technique to cryptographically bind access tokens to a particular client when they are issued. This is one of many attempts at improving the security of <a href="/2/bearer-tokens/">Bearer Tokens</a> by requiring the application using the token to prove possession of the same private key that was used to obtain the token.</p>
<p><a href="https://datatracker.ietf.org/doc/html/rfc9449">DPoP</a>, or Demonstrating Proof of Possession, is an extension that describes a technique to cryptographically bind access tokens to a particular client when they are issued. This is one of many attempts at improving the security of <a href="/2/bearer-tokens/">Bearer Tokens</a> by requiring the application using the token to prove possession of the same private key that was used to obtain the token.</p>

<p>See Also:</p>
<ul>
Expand Down

0 comments on commit b3f8da4

Please sign in to comment.