Merge branch 'main' of https://github.com/selfissued/draft-jones-oaut…

…h-rfc7523bis
selfissued · Jan 22, 2025 · 0517ac6 · 0517ac6
2 parents 2832abb + 576440e
commit 0517ac6
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/draft-jones-oauth-rfc7523bis.xml b/draft-jones-oauth-rfc7523bis.xml
@@ -353,8 +353,9 @@
 	<t>
 	  Authorization grant JWTs MUST be explicitly typed by using the
 	  <spanx style="verb">typ</spanx> header parameter value
-	  <spanx style="verb">authorization-grant+jwt</spanx>.
-	  Authorization grant JWTs not using this explicit type value
+	  <spanx style="verb">authorization-grant+jwt</spanx> or
+	  another more specific explicit type value defined by a specification profiling this specification.
+	  Authorization grant JWTs not using the explicit type value
 	  MUST be rejected by the authorization server.
 	</t>
 	<t>
@@ -394,8 +395,9 @@
 	<t>
 	  Client authentication JWTs MUST be explicitly typed by using the
 	  <spanx style="verb">typ</spanx> header parameter value
-	  <spanx style="verb">client-authentication+jwt</spanx>.
-	  Client authentication JWTs not using this explicit type value
+	  <spanx style="verb">client-authentication+jwt</spanx>
+	  another more specific explicit type value defined by a specification profiling this specification.
+	  Client authentication JWTs not using the explicit type value
 	  MUST be rejected by the authorization server.
 	</t>
 	<t>If the client JWT is not valid, the