Based on the latest draft of [OAuth 2.0 Attestation-Based Client Authentication](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-attestation-based-client-auth-09) we should revisit DPoP and JWT PoP and challenge handling. /cc @md4096
Based on the latest draft of OAuth 2.0 Attestation-Based Client Authentication we should revisit DPoP and JWT PoP and challenge handling. /cc @md4096