[oauth] Re: [OpenID] Can we make a seamless OpenID mobile experience?

are being built already, and wouldn't it be cool if they were built using open standards? So I'm just putting it out there. ___ general mailing list gene...@openid.net http://openid.net/mailman/listinfo/general -- Nat Sakimura (=nat) http

[oauth] Re: a simple view of the OAuth security issue

experience negatively (as actual authentication/verification inevitably does). It's probably worth thinking about what verification means and how that might be achieved.  Otherwise, I think the community needs to decide if minimizing possibility is enough. --peter keane -- Nat Sakimura

[oauth] Re: Moving forward

    folly -- then you can let go and quickly move on. (p. 70) -- Nat Sakimura (=nat) http://www.sakimura.org/en/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oauth

[oauth] Re: Moving forward

On Thu, Apr 30, 2009 at 7:05 AM, Blaine Cook rom...@gmail.com wrote: On Wed, Apr 29, 2009 at 3:46 PM, Nat Sakimura sakim...@gmail.com wrote: The other approach is to make it clear that OAuth is Grant (S:V:Data to C:*) so that the users will be fully aware of the consequence. That will keep

[oauth] Signing method for XRD

that this is simple enough? I would appreciate your insight/opinion/input into this matter. Best, -- Nat Sakimura (=nat) http://www.sakimura.org/en/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups OAuth group. To post

Re: [oauth] Is OAuth death?

to oauth@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en. -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en -- You

Re: [oauth] Is OAuth death?

Fiedler wrote: Ok, many thanks for your answers. So I will build upon OAuth (OAuth Provider) and hope this is the right step. 2012/3/21 Nat Sakimura sakim...@gmail.com So it has moved on to IETF from oauth.org. Google, Facebook among others have been implementing OAuth 2.0 various

Re: [oauth] Is OAuth death?

, Yes, indeed - just saw that on twitter, after sending the below. That's good news - do you know what the expectation is for finalization? thanks and all the best, steve. On Aug 1, 2012, at 11:42 PM, Nat Sakimura wrote: Hi Steve, Actually, the OAuth 2.0 Core and Bearer specs were

Re: [oauth] External OAuth Provider

and stop receiving emails from it, send an email to oauth+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en -- You received this message because you are subscribed

Re: [oauth] Registration for Devices

this message because you are subscribed to the Google Groups OAuth group. To unsubscribe from this group and stop receiving emails from it, send an email to oauth+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- Nat Sakimura (=nat

Re: [oauth] Re: Oauth 2.0 login restriction

receiving emails from it, send an email to oauth+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en -- You received this message because you are subscribed

Re: [oauth] Preventing OAuth client from maliciously modifying user's request

...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en -- You received this message because you are subscribed to the Google Groups OAuth group. To unsubscribe from this group and stop

Re: [oauth] Preventing OAuth client from maliciously modifying user's request

at 9:09 AM, Nat Sakimura sakim...@gmail.com wrote: No. This is equally true for an App as well. The App may modify your tweet. This is a kind of things which should more effectively dealt with ToS etc. Not everything needs to be solved technically. 2014-05-21 19:41 GMT+09:00 Fajar Ardian

Re: [oauth] Preventing OAuth client from maliciously modifying user's request

use on? What I'm suggesting is that perhaps the use case could be satisfied with existing spec flows and bespoke use of scope fields, with single use access tokens. - Reply message - From: Nat Sakimura sakim...@gmail.com To: oauth@googlegroups.com oauth@googlegroups.com Subject

Re: [oauth] OAuth and RESTful

because you are subscribed to the Google Groups OAuth group. To unsubscribe from this group and stop receiving emails from it, send an email to oauth+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- Nat Sakimura (=nat) Chairman, OpenID Foundation

Re: [oauth] OAuth 2.0 flow in iOS :: Apple rejecting opening up Safari

Thanks Dick. OIDF is also trying to write a white paper why in-app browser for this purpose is a bad idea. =nat via iPhone 2015/05/09 4:28、Dick Hardt dick.ha...@gmail.com のメッセージ: Glad to know I was not missing something. I explained all the logic in my first response to the reviewer.

Re: [oauth] OAuth 2.0 flow in iOS :: Apple rejecting opening up Safari

at this time. We hope you will consider making the necessary changes to be in compliance with the App Store Review Guidelines and will resubmit your revised binary. Best regards, Nicki App Review Board On Fri, May 8, 2015 at 5:30 PM, Nat Sakimura sakim...@gmail.com javascript:_e(%7B%7D,'cvml