All, We have not seen any comments on this document. Can you please review the document and provide feedback, or indicate that you have reviewed the document and have no concerns.
Regards, Rifaat & Hannes On Thu, Apr 15, 2021 at 3:04 AM Karsten Meyer zu Selhausen < [email protected]> wrote: > Hi all, > > the latest version of the security BCP references > draft-ietf-oauth-iss-auth-resp-00 as a countermeasures to mix-up attacks. > > There have not been any concerns with the first WG draft version so far: > https://datatracker.ietf.org/doc/draft-ietf-oauth-iss-auth-resp/ > > I would like to ask the WG if there are any comments on or concerns with > the current draft version. > > Otherwise I hope we can move forward with the next steps and hopefully > finish the draft before/with the security BCP. > > Best regards, > Karsten > > -- > Karsten Meyer zu Selhausen > Senior IT Security Consultant > Phone: +49 (0)234 / 54456499 > Web: https://hackmanit.de | IT Security Consulting, Penetration Testing, > Security Training > > Is your OAuth or OpenID Connect client vulnerable to the severe impacts of > mix-up attacks? Learn how to protect your client in our latest blog post on > single > sign-on:https://www.hackmanit.de/en/blog-en/132-how-to-protect-your-oauth-client-against-mix-up-attacks > > Hackmanit GmbH > Universitätsstraße 60 (Exzenterhaus) > 44789 Bochum > > Registergericht: Amtsgericht Bochum, HRB 14896 > Geschäftsführer: Prof. Dr. Jörg Schwenk, Prof. Dr. Juraj Somorovsky, Dr. > Christian Mainka, Dr. Marcus Niemietz > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
