> A while ago, if I'm not mistaken, I glimpsed some report of vulnerabilities > caused by incorrect public key comparison.
There was a recent issue raised by Hanno about incorrect public/private key matching leading to incorrect revocation of a certificate; was that what you were thinking of? _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
