RFC Errata
Found 1 record.
Status: Reported (1)
RFC 9470, "OAuth 2.0 Step Up Authentication Challenge Protocol", September 2023
Source of RFC: oauth (sec)
Errata ID: 7951
Status: Reported
Type: Technical
Publication Format(s) : TEXT, PDF, HTML
Reported By: Tomasz Kuczyński
Date Reported: 2024-05-22
Section 6.2 says:
"exp": 1639528912, "iat": 1618354090, "auth_time": 1646340198,
It should say:
"exp": 1639528912, "iat": 1618354090, "auth_time": 1618354090,
Notes:
I noticed a small inconsistency in the example "Figure 7: Introspection Response". It seems that the time for the user-authentication event should be less than or equal to the time of token issuance to ensure logical coherence.