Re: [OAUTH-WG] Signatures, Why?

Thu, 04 Mar 2010 12:27:58 -0800 


Blaine Cook wrote:

- Why are signatures needed?

  

1) For authentication

2) For ensuring integrity

3) For non-repudiation

- What do signatures need to protect?

  

They protect against


1) Fraudulent access (which, in absence of proper mechanisms, may not 
even even be considered legally fraudulent while making considerable damage)


2) Denial of a previous request.


Igor



  

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth






















					Reply via email to