Most recent first
Access tokens now carry a cnf.jkt confirmation claim bound to the client key. A stolen token is inert without the client’s private key; agent tokens are sender-constrained by default.
Passkey registration now fully verifies packed attestation — authenticator signature and rpIdHash checked, not trusted on faith.
A replayed refresh token now revokes the entire token family. Shipped alongside SECURITY.md.
Clients can register a JWKS and authenticate with signed client assertions instead of shared secrets.
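The refresh-token family revocation described above, as an added example (not the project's own code, names are hypothetical): an in-memory store in which presenting any rotated-out token again is treated as a replay and revokes the whole family, so the legitimate holder's current token dies with it and the session must be re-established.

```python
import secrets
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Family:
    # One family per initial grant; every rotation mints a new token into it.
    active: Optional[str]                    # the only refresh token currently valid
    seen: set = field(default_factory=set)   # every token ever issued in this family
    revoked: bool = False


class RefreshStore:
    """Refresh-token rotation with whole-family revocation on reuse."""

    def __init__(self) -> None:
        self.families: dict[str, Family] = {}
        self.token_to_family: dict[str, str] = {}

    def _mint(self, family_id: str) -> str:
        tok = secrets.token_urlsafe(32)
        fam = self.families[family_id]
        fam.active = tok
        fam.seen.add(tok)
        self.token_to_family[tok] = family_id
        return tok

    def issue(self) -> str:
        # New grant: start a fresh family and hand out its first token.
        family_id = secrets.token_urlsafe(16)
        self.families[family_id] = Family(active=None)
        return self._mint(family_id)

    def rotate(self, presented: str) -> Optional[str]:
        family_id = self.token_to_family.get(presented)
        if family_id is None:
            return None                      # never issued: reject
        fam = self.families[family_id]
        if fam.revoked:
            return None                      # family already killed
        if presented != fam.active:
            # A token that was already rotated out came back: replay.
            # Revoke the entire family, current token included.
            fam.revoked = True
            fam.active = None
            return None
        return self._mint(family_id)         # normal rotation

    def is_revoked(self, token: str) -> bool:
        fid = self.token_to_family.get(token)
        return fid is not None and self.families[fid].revoked
```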