Hi Torsten,
Do you mean that for service2service communication or for the frontend to
backend communication?
What would that process look like in a nutshell?
Thanks!
David
On 22 July 2019 14:30:41 CEST, Torsten Lodderstedt <tors...@lodderstedt.net> wrote:
>Hi David,
>
>> On 12. Jun 2019, at 04:01, David Waite <da...@alkaline-solutions.com> wrote:
>>
>> To prevent exfiltration, the options are limited.
>> - Token Binding will work, but only currently has support in Edge.
>> - Mutual TLS will work, but has a poor experience unless you are
>> deploying alongside group policy.
>> - DPoP was written specifically for the browser use case (such as
>> letting you use WebCrypto for non-exportable tokens). It is an early
>> draft but has some initial implementations already.
>
>If you use a backend to relay or orchestrate your micro service
>interactions, mTLS (with self-signed certs) is the easiest choice from
>my perspective.
>
>kind regards,
>Torsten.
--
This message was sent from my Android device with K-9 Mail.
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth