A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.
Title : OAuth 2.0 Authorization Server Issuer Identification
Authors : Karsten Meyer zu Selhausen
Daniel Fett
Filename : draft-ietf-oauth-iss-auth-resp-03.txt
Pages : 11
Date : 2021-11-18
Abstract:
This document specifies a new parameter iss that is used to
explicitly include the issuer identifier of the authorization server
in the authorization response of an OAuth authorization flow. The
iss parameter serves as an effective countermeasure to "mix-up
attacks".
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-iss-auth-resp/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-iss-auth-resp-03.html
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-iss-auth-resp-03
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
