Torsten Lodderstedt
2016-11-13 15:10:38 UTC
Hi all,
I just uploaded the first version of a security document we have been
talking about since Berlin. It is intended to be a tool to help us to
systematically address all open topics re OAuth security. I will present
the draft in the meeting on Wednesday. I would like to ask anybody to
review the document upfront, so we can have a productive discussion
about the further work. If you cannot be in the meeting, please give
feedback to the list.
Thanks to Andrey and John for being co-authors.
best regards,
Torsten.
-------- Weitergeleitete Nachricht --------
Betreff: New Version Notification for
draft-lodderstedt-oauth-security-topics-00.txt
Datum: Sun, 13 Nov 2016 07:02:04 -0800
Von: internet-***@ietf.org
An: Torsten Lodderstedt <***@lodderstedt.net>, Andrey Labunets
<***@fb.com>, John Bradley <***@ve7jtb.com>
A new version of I-D, draft-lodderstedt-oauth-security-topics-00.txt
has been successfully submitted by Torsten Lodderstedt and posted to the
IETF repository.
Name: draft-lodderstedt-oauth-security-topics
Revision: 00
Title: OAuth Security Topics
Document date: 2016-11-12
Group: Individual Submission
Pages: 15
URL: https://www.ietf.org/internet-drafts/draft-lodderstedt-oauth-security-topics-00.txt
Status: https://datatracker.ietf.org/doc/draft-lodderstedt-oauth-security-topics/
Htmlized: https://tools.ietf.org/html/draft-lodderstedt-oauth-security-topics-00
Abstract:
This draft gives a comprehensive overview on open OAuth security
topics. It is intended to serve as a tool for the OAuth working
group to systematically address these open security topics,
recommending mitigations, and potentially also defining OAuth
extensions needed to cope with the respective security threats. This
draft will potentially become a BCP over time.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
I just uploaded the first version of a security document we have been
talking about since Berlin. It is intended to be a tool to help us to
systematically address all open topics re OAuth security. I will present
the draft in the meeting on Wednesday. I would like to ask anybody to
review the document upfront, so we can have a productive discussion
about the further work. If you cannot be in the meeting, please give
feedback to the list.
Thanks to Andrey and John for being co-authors.
best regards,
Torsten.
-------- Weitergeleitete Nachricht --------
Betreff: New Version Notification for
draft-lodderstedt-oauth-security-topics-00.txt
Datum: Sun, 13 Nov 2016 07:02:04 -0800
Von: internet-***@ietf.org
An: Torsten Lodderstedt <***@lodderstedt.net>, Andrey Labunets
<***@fb.com>, John Bradley <***@ve7jtb.com>
A new version of I-D, draft-lodderstedt-oauth-security-topics-00.txt
has been successfully submitted by Torsten Lodderstedt and posted to the
IETF repository.
Name: draft-lodderstedt-oauth-security-topics
Revision: 00
Title: OAuth Security Topics
Document date: 2016-11-12
Group: Individual Submission
Pages: 15
URL: https://www.ietf.org/internet-drafts/draft-lodderstedt-oauth-security-topics-00.txt
Status: https://datatracker.ietf.org/doc/draft-lodderstedt-oauth-security-topics/
Htmlized: https://tools.ietf.org/html/draft-lodderstedt-oauth-security-topics-00
Abstract:
This draft gives a comprehensive overview on open OAuth security
topics. It is intended to serve as a tool for the OAuth working
group to systematically address these open security topics,
recommending mitigations, and potentially also defining OAuth
extensions needed to cope with the respective security threats. This
draft will potentially become a BCP over time.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat