- From: Brian Richter <brian@aviary.tech>
- Date: Mon, 12 Jul 2021 10:50:52 -0700
- To: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Received on Monday, 12 July 2021 17:51:18 UTC
Hello list, As I've been digging into RAR a little bit and trying to see how it might fit within the VC-HTTP-API work I have found some great resources speaking about what RAR, PAR and JAR are. - https://medium.com/oauth-2/rich-oauth-2-0-authorization-requests-87870e263ecb - https://pt.slideshare.net/TorstenLodderstedt/rich-authorization-requests - https://datatracker.ietf.org/doc/html/draft-lodderstedt-oauth-rar - https://youtu.be/g_aVPdwBTfw?t=1240 It seems like these have yet to make it into anything available from Auth0 or Okta and I have not found anything available on github.. I was wondering if anybody knows of any open source implementations out there or are these things simply too new? RAR does instinctively feel like a good fit for the work in question however I share the concerns Orie and others do regarding including something that nobody has experience with.. Doing so would likely hinder widespread interoperability. If anybody can speak to some real world implementations I would love to hear about it. Thanks, Brian
Received on Monday, 12 July 2021 17:51:18 UTC