I was encouraged by Martin Dougiamas at Moodle Moot Germany 17 to raise this issue. In his Keynote he talked about Moodle supporting standards.
For Oauth2, though, that isn't acheived yet.
Namely the OAuth2 needs full JOSE/JWT and OIDC support in order to support Key Encryption standards.
It would be very great if this issue landed.
Those are the underpinning specifications: