OAuth 2.0 Security: Closing Open Redirectors in OAuth
draft-ietf-oauth-closing-redirectors-00
| Document | Type | Expired Internet-Draft (oauth WG) | |
|---|---|---|---|
| Authors | John Bradley , Antonio Sanso , Hannes Tschofenig | ||
| Last updated | 2016-08-07 (latest revision 2016-02-04) | ||
| Replaces | draft-bradley-oauth-open-redirector | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | Best Current Practice | ||
| Formats |
Expired & archived
plain text
xml
htmlized
pdfized
bibtex
|
||
| Stream | WG state | WG Document | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | Expired | |
| Consensus Boilerplate | Yes | ||
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
https://www.ietf.org/archive/id/draft-ietf-oauth-closing-redirectors-00.txt
Abstract
This document gives additional security considerations for OAuth, beyond those in the OAuth 2.0 specification and in the OAuth 2.0 Threat Model and Security Considerations.
Authors
John Bradley
(ve7jtb@ve7jtb.com)
Antonio Sanso
(asanso@adobe.com)
Hannes Tschofenig
(Hannes.Tschofenig@gmx.net)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)