Hi Denis, We discussed these kinds of collusion attacks at great length previously on this list. My views on them have not changed.
Am 04.05.20 um 20:06 schrieb Denis: > As soon as a software solution would be available to perform this > collaborative attack, everybody would be able to use it. Teamviewer is sufficient and widely available. -Daniel > Denis > >> Hi all, >> >> as mentioned in the WG interim meeting, there are several ideas >> floating around of what DPoP actually does. >> >> In an attempt to clarify this, if have unfolded the use cases that I >> see and written them down in the form of attacks that DPoP defends >> against: >> https://danielfett.github.io/notes/oauth/DPoP%20Attacker%20Model.html >> >> Can you come up with other attacks? Are the attacks shown relevant? >> >> Cheers, >> Daniel >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
