If I remember correctly, we also talked of recommending or mandating one-time request tokens.
Hubert On Wed, May 6, 2009 at 10:43 PM, Eran Hammer-Lahav <[email protected]> wrote: > > We have identified a few new attack vectors since the spec was originally > written and would like to address them in the Security Consideration section. > Please reply with proposals for such texts. Ideally we can reach some > consensus on these by Fri, but if not, we can add it a bit later since it > doesn't affect the protocol directly. > > EHL > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
