Hi Nat,
what's the rationale for having different algorithms to produce a code
challenges? As this may cause interop issues there should be good
reasons to introduce variants.
regards,
Torsten.
Am 19.10.2013 12:15, schrieb Nat Sakimura:
Incorporated the discussion at Berlin meeting and after in the ML.
Best,
Nat
---------- Forwarded message ----------
From: <[email protected] <mailto:[email protected]>>
Date: 2013/10/19
Subject: New Version Notification for draft-sakimura-oauth-tcse-02.txt
To: Nat Sakimura <[email protected] <mailto:[email protected]>>,
John Bradley <[email protected]
<mailto:[email protected]>>, Naveen Agarwal <[email protected]
<mailto:[email protected]>>
A new version of I-D, draft-sakimura-oauth-tcse-02.txt
has been successfully submitted by Nat Sakimura and posted to the
IETF repository.
Filename: draft-sakimura-oauth-tcse
Revision: 02
Title: OAuth Symmetric Proof of Posession for Code Extension
Creation date: 2013-10-19
Group: Individual Submission
Number of pages: 8
URL: http://www.ietf.org/internet-drafts/draft-sakimura-oauth-tcse-02.txt
Status: http://datatracker.ietf.org/doc/draft-sakimura-oauth-tcse
Htmlized: http://tools.ietf.org/html/draft-sakimura-oauth-tcse-02
Diff: http://www.ietf.org/rfcdiff?url2=draft-sakimura-oauth-tcse-02
Abstract:
The OAuth 2.0 public client utilizing authorization code grant is
susceptible to the code interception attack. This specification
describe a mechanism that acts as a control against this threat.
Please note that it may take a couple of minutes from the time of
submission
until the htmlized version and diff are available at tools.ietf.org
<http://tools.ietf.org>.
The IETF Secretariat
--
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
