Re: [OAUTH-WG] Call for Feedback on draft-ietf-oauth-iss-auth-resp-00

Mon, 10 May 2021 05:44:26 -0700 

Hi,

I read the document, have no concerns, and support it.

Christian

On 01.05.21 22:46, Rifaat Shekh-Yusef wrote:

All,

We have not seen any comments on this document.
Can you please review the document and provide feedback, or indicate that
you have reviewed the document and have no concerns.

Regards,
  Rifaat & Hannes


On Thu, Apr 15, 2021 at 3:04 AM Karsten Meyer zu Selhausen <
karsten.meyerzuselhau...@hackmanit.de> wrote:


Hi all,

the latest version of the security BCP references
draft-ietf-oauth-iss-auth-resp-00 as a countermeasures to mix-up attacks.

There have not been any concerns with the first WG draft version so far:
https://datatracker.ietf.org/doc/draft-ietf-oauth-iss-auth-resp/

I would like to ask the WG if there are any comments on or concerns with
the current draft version.

Otherwise I hope we can move forward with the next steps and hopefully
finish the draft before/with the security BCP.

Best regards,
Karsten

--
Karsten Meyer zu Selhausen
Senior IT Security Consultant
Phone:  +49 (0)234 / 54456499
Web:    https://hackmanit.de | IT Security Consulting, Penetration Testing, 
Security Training

Is your OAuth or OpenID Connect client vulnerable to the severe impacts of 
mix-up attacks? Learn how to protect your client in our latest blog post on 
single 
sign-on:https://www.hackmanit.de/en/blog-en/132-how-to-protect-your-oauth-client-against-mix-up-attacks

Hackmanit GmbH
Universitätsstraße 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Geschäftsführer: Prof. Dr. Jörg Schwenk, Prof. Dr. Juraj Somorovsky, Dr. 
Christian Mainka, Dr. Marcus Niemietz

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth




_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



--
Dr.-Ing. Christian Mainka
Horst Görtz Institute for IT-Security
Chair for Network and Data Security
Ruhr University Bochum, Germany

Universitätsstr. 150, ID 2/463
D-44801 Bochum, Germany

Telefon: +49 (0) 234 / 32-26796
Fax: +49 (0) 234 / 32-14347
https://nds.rub.de/chair/people/cmainka/
@CheariX

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to