Hi, I read the document, have no concerns, and support it.
Christian On 01.05.21 22:46, Rifaat Shekh-Yusef wrote:
All, We have not seen any comments on this document. Can you please review the document and provide feedback, or indicate that you have reviewed the document and have no concerns. Regards, Rifaat & Hannes On Thu, Apr 15, 2021 at 3:04 AM Karsten Meyer zu Selhausen < karsten.meyerzuselhau...@hackmanit.de> wrote:Hi all, the latest version of the security BCP references draft-ietf-oauth-iss-auth-resp-00 as a countermeasures to mix-up attacks. There have not been any concerns with the first WG draft version so far: https://datatracker.ietf.org/doc/draft-ietf-oauth-iss-auth-resp/ I would like to ask the WG if there are any comments on or concerns with the current draft version. Otherwise I hope we can move forward with the next steps and hopefully finish the draft before/with the security BCP. Best regards, Karsten -- Karsten Meyer zu Selhausen Senior IT Security Consultant Phone: +49 (0)234 / 54456499 Web: https://hackmanit.de | IT Security Consulting, Penetration Testing, Security Training Is your OAuth or OpenID Connect client vulnerable to the severe impacts of mix-up attacks? Learn how to protect your client in our latest blog post on single sign-on:https://www.hackmanit.de/en/blog-en/132-how-to-protect-your-oauth-client-against-mix-up-attacks Hackmanit GmbH Universitätsstraße 60 (Exzenterhaus) 44789 Bochum Registergericht: Amtsgericht Bochum, HRB 14896 Geschäftsführer: Prof. Dr. Jörg Schwenk, Prof. Dr. Juraj Somorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
-- Dr.-Ing. Christian Mainka Horst Görtz Institute for IT-Security Chair for Network and Data Security Ruhr University Bochum, Germany Universitätsstr. 150, ID 2/463 D-44801 Bochum, Germany Telefon: +49 (0) 234 / 32-26796 Fax: +49 (0) 234 / 32-14347 https://nds.rub.de/chair/people/cmainka/ @CheariX
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth