Hi folks, I just looked at the -08 diffs and I see a new section on brute forcing the token but not describing the confused deputy attack. Did I miss something, or were you still planning to add more text?
Thanks -Ekr
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
