PKCE beschrijving in Sectie 2.3.1 klopt niet

Er staat:

Native clients MUST apply PKCE, as per RFC7636. As code_verifier the S256 method MUST be applied. Effectively this means that a Native Client MUST include a cryptographic random code_challenge of at least 128 bits of entropy and the code_challenge_method with the value S256.

Echter:

niet de code_verifier maar de code_challenge wordt berekend middels S256 algoritme,
niet de code_challenge maar de code_verifier is een random string met minstens 128 bits entropie (RFC7636 zegt minimaal 34 en maximaal 128 niet gereserveerde karakters (https://tools.ietf.org/html/rfc7636#section-4.1))

Dit staat in onze NL Gov toevoeging en kunnen we zelf corrigeren

OAuth-NL-profiel/Client Profiles.md

Lines 95 to 97 in 6fc0957

    
           Native clients MUST apply PKCE, as per RFC7636. 
        
           As `code_verifier` the S256 method MUST be applied. 
        
           Effectively this means that a Native Client MUST include a cryptographic random `code_challenge` of at least 128 bits of entropy and the `code_challenge_method` with the value `S256`.

ik heb deze wijziging meegenomen in PR #45
het betreft dezelfde 2 regels iGov-NL additional content.

	Native clients MUST apply PKCE, as per RFC7636.
	As `code_verifier` the S256 method MUST be applied.
	Effectively this means that a Native Client MUST include a cryptographic random `code_challenge` of at least 128 bits of entropy and the `code_challenge_method` with the value `S256`.