<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif;">
<div>
<div>
<div>Its just really, really far down ;)</div>
<div><br>
</div>
<div>Thanks, I'll add it to the list of changes.</div>
<div><br>
</div>
<div>MV</div>
<div>
<div id="MAC_OUTLOOK_SIGNATURE"></div>
</div>
</div>
</div>
<div><br>
</div>
<span id="OLK_SRC_BODY_SECTION">
<div style="font-family:Calibri; font-size:12pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style="font-weight:bold">From: </span>Openid-specs-igov <<a href="mailto:openid-specs-igov-bounces@lists.openid.net">openid-specs-igov-bounces@lists.openid.net</a>> on behalf of Openid-specs-igov <<a href="mailto:openid-specs-igov@lists.openid.net">openid-specs-igov@lists.openid.net</a>><br>
<span style="font-weight:bold">Reply-To: </span>Justin Richer <<a href="mailto:jricher@mit.edu">jricher@mit.edu</a>><br>
<span style="font-weight:bold">Date: </span>Friday, January 19, 2018 at 4:04 PM<br>
<span style="font-weight:bold">To: </span>Phil Hunt <<a href="mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a>><br>
<span style="font-weight:bold">Cc: </span>Openid-specs-igov <<a href="mailto:openid-specs-igov@lists.openid.net">openid-specs-igov@lists.openid.net</a>><br>
<span style="font-weight:bold">Subject: </span>Re: [Openid-specs-igov] Client Assertion definition<br>
</div>
<div><br>
</div>
<blockquote id="MAC_OUTLOOK_ATTRIBUTION_BLOCKQUOTE" style="BORDER-LEFT: #b5c4df 5 solid; PADDING:0 0 0 5; MARGIN:0 0 0 5;">
<div>
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
Good catch, that should be a cross-reference to section 2.3.2 of the OAuth profile:
<div class=""><br class="">
</div>
<div class=""><a href="https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?Submit=Submit&format=ascii&mode=html&type=ascii&url=https://bitbucket.org/openid/igov/raw/master/openid-igov-oauth2.xml#RequestsToTokenEndpoint" class="">https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?Submit=Submit&format=ascii&mode=html&type=ascii&url=https://bitbucket.org/openid/igov/raw/master/openid-igov-oauth2.xml#RequestsToTokenEndpoint</a></div>
<div class=""><br class="">
</div>
<div class=""> — Justin<br class="">
<div><br class="">
<blockquote type="cite" class="">
<div class="">On Jan 19, 2018, at 2:58 PM, Phil Hunt via Openid-specs-igov <<a href="mailto:openid-specs-igov@lists.openid.net" class="">openid-specs-igov@lists.openid.net</a>> wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
Looking at the iGov profile and in section 2.2 it says…
<div class=""><dt style="margin-top: 0.5em; font-size: 13.333333015441895px;" class="">
<font face="Times New Roman" class="">client_assertion</font></dt><dd style="margin-right: 2em; font-size: 13.333333015441895px;" class=""><font face="Times New Roman" class="">The value of the signed client authentication JWT generated as described below. The RP must generate a new assertion JWT for each call to the token
endpoint.</font>
<div class=""><br class="">
</div>
<div class="">Funny thing, the "JWT as described below" is not to be found. </div>
<div class=""><br class="">
</div>
<div class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div class=""><span class="Apple-style-span" style="border-collapse: separate; line-height: normal; border-spacing: 0px;">
<div class="" style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div class="">
<div class="">
<div class="">Phil</div>
<div class=""><br class="">
</div>
<div class="">Oracle Corporation, Identity Cloud Services Architect</div>
<div class="">@independentid</div>
<div class=""><a href="http://www.independentid.com/" class="">www.independentid.com</a></div>
</div>
</div>
</div>
</span><a href="mailto:phil.hunt@oracle.com" class="" style="orphans: 2; widows: 2;">phil.hunt@oracle.com</a></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br class="">
</dd></div>
</div>
_______________________________________________<br class="">
Openid-specs-igov mailing list<br class="">
<a href="mailto:Openid-specs-igov@lists.openid.net" class="">Openid-specs-igov@lists.openid.net</a><br class="">
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-igov">http://lists.openid.net/mailman/listinfo/openid-specs-igov</a><br class="">
</div>
</blockquote>
</div>
<br class="">
</div>
</div>
</div>
</blockquote>
</span>
</body>
</html>