Hi all, A recent news article [1] was brought to my attention this week that's about a paper [2] which I've just read. While it mostly deals with implementation and integration flaws, I'm wondering if there's anything in there that could benefit any of the oauth drafts. Anyone had a look at that already?
Be interesting if any similar analysis has been done on any oauth 1.0 or 2.0 sites or implementations. Ta, S. [1] http://www.itbusiness.ca/it/client/en/CDN/News.asp?id=66741 [2] https://research.microsoft.com/pubs/160659/websso-final.pdf _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
