From 624b61a6f0144541950da02a1d8989ae6e5a5669 Mon Sep 17 00:00:00 2001 From: Aaron Parecki Date: Fri, 22 Nov 2024 12:51:49 -0800 Subject: [PATCH 1/3] add option for extensions to define their own explicit jwt type --- draft-jones-oauth-rfc7523bis.xml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/draft-jones-oauth-rfc7523bis.xml b/draft-jones-oauth-rfc7523bis.xml index ad4326b..2fd0363 100644 --- a/draft-jones-oauth-rfc7523bis.xml +++ b/draft-jones-oauth-rfc7523bis.xml @@ -353,8 +353,9 @@ Authorization grant JWTs MUST be explicitly typed by using the typ header parameter value - authorization-grant+jwt. - Authorization grant JWTs not using this explicit type value + authorization-grant+jwt or + an extension-defined type. + Authorization grant JWTs not using the explicit type value MUST be rejected by the authorization server. @@ -394,8 +395,9 @@ Client authentication JWTs MUST be explicitly typed by using the typ header parameter value - client-authentication+jwt. - Client authentication JWTs not using this explicit type value + client-authentication+jwt + or an extension-defined type. + Client authentication JWTs not using the explicit type value MUST be rejected by the authorization server. If the client JWT is not valid, the From b3d2934d6b50a9f7bd7692eb4b1eb8ad396d70ba Mon Sep 17 00:00:00 2001 From: Aaron Parecki Date: Mon, 25 Nov 2024 15:13:30 -0800 Subject: [PATCH 2/3] Update draft-jones-oauth-rfc7523bis.xml Co-authored-by: Michael B. Jones --- draft-jones-oauth-rfc7523bis.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-jones-oauth-rfc7523bis.xml b/draft-jones-oauth-rfc7523bis.xml index 2fd0363..6cae1b4 100644 --- a/draft-jones-oauth-rfc7523bis.xml +++ b/draft-jones-oauth-rfc7523bis.xml 
@@ -354,7 +354,7 @@ Authorization grant JWTs MUST be explicitly typed by using the typ header parameter value authorization-grant+jwt or - an extension-defined type. + another more specific explicit type value defined by a specification profiling this specification. Authorization grant JWTs not using the explicit type value MUST be rejected by the authorization server. From cf723df8cab450a20543f927f797760f3ae1d13e Mon Sep 17 00:00:00 2001 From: Aaron Parecki Date: Mon, 25 Nov 2024 15:13:35 -0800 Subject: [PATCH 3/3] Update draft-jones-oauth-rfc7523bis.xml Co-authored-by: Michael B. Jones --- draft-jones-oauth-rfc7523bis.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-jones-oauth-rfc7523bis.xml b/draft-jones-oauth-rfc7523bis.xml index 6cae1b4..5ddc6bd 100644 --- a/draft-jones-oauth-rfc7523bis.xml +++ b/draft-jones-oauth-rfc7523bis.xml @@ -396,7 +396,7 @@ Client authentication JWTs MUST be explicitly typed by using the typ header parameter value client-authentication+jwt - or an extension-defined type. + another more specific explicit type value defined by a specification profiling this specification. Client authentication JWTs not using the explicit type value MUST be rejected by the authorization server.
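Review bot: In PATCH 1/3 at @@ -353, the rejection sentence now reads "not using the explicit type value" although the sentence before it permits two alternatives, so it is unclear which value a non-matching JWT is compared against. Suggest wording such as "not using one of these explicit type values MUST be rejected by the authorization server", so the rule visibly covers both the base type and the extension case. The same wording appears in the @@ -394 hunk for client authentication JWTs.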
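Review bot: In PATCH 2/3 at @@ -354, the added line "another more specific explicit type value defined by a specification profiling this specification" does not say that the authorization server has to implement that profile, so the rejection rule on the following line can be read as accepting any profile-defined typ value. Suggest limiting it to type values defined by a profile the authorization server supports. Explicit typing only keeps one kind of JWT from being accepted as another when the set of accepted typ values is closed.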
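Review bot: In PATCH 3/3 at @@ -396, the added line drops the "or" that the removed line "or an extension-defined type." carried, and the context line before it ends at "client-authentication+jwt", so the sentence now reads "client-authentication+jwt another more specific explicit type value ...". Start the added line with "or" so it matches the authorization grant text after PATCH 2/3, where the "or" sits on the preceding context line.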