Internet-Draft draft-ietf-oauth-cross-device-security-09.txt is now available. It is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF.
Title: Cross-Device Flows: Security Best Current Practice Authors: Pieter Kasselman Daniel Fett Filip Skokan Name: draft-ietf-oauth-cross-device-security-09.txt Pages: 55 Dates: 2025-01-06 Abstract: This document describes threats against cross-device flows along with practical mitigations, protocol selection guidance, and a summary of formal analysis results identified as relevant to the security of cross-device flows. It serves as a security guide to system designers, architects, product managers, security specialists, fraud analysts and engineers implementing cross-device flows. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-oauth-cross-device-security/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-oauth-cross-device-security-09.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-cross-device-security-09 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org