Hi Denis, Am 07.11.19 um 09:16 schrieb Denis: > > *Whatever kind of cryptographic is being used, when two users > collaborate, a software-only solution will be unable to prevent the > transmission * > * of an attribute of a user that possess it to another user that > does not possess it. * > To stay in OAuth lingo, what you are saying is: Two collaborating clients can exchange their access tokens and use them.
Is that a correct summary of your attack? -Daniel
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
