Re: [OAUTH-WG] Mix-Up and CnP/ Code injection

2016-05-16 Thread Nat Sakimura
We knew that's a bad practice and causes woes that OIDC mandated exact match before the completion of OAuth. I wish we had insisted more on it. Oh, well.

On Tue, May 17, 2016 at 15:34 Antonio Sanso wrote:
> hi,
>
> FWIW Facebook is not the only one here.
> Many OAuth providers do not do exact mat

Re: [OAUTH-WG] Mix-Up and CnP/ Code injection

2016-05-16 Thread Antonio Sanso
hi,

FWIW Facebook is not the only one here. Many OAuth providers do not do exact matching redirect uri validation. GitHub for example is another….

regards

antonio

On May 10, 2016, at 10:23 AM, Daniel Fett <f...@uni-trier.de> wrote:

It does not work if the AS does not check the redirect

[OAUTH-WG] poll url in draft-ietf-oauth-device-flow-01

2016-05-16 Thread Samuel Erdtman
Hi, I just managed to take the time to read this document, and in general I like it a lot. I think it fills a gap, and with mapping to CBOR and CoAP it will work well for more constrained devices too. There are several details that would be great to address such as IANA section more thorough descrip

Re: [OAUTH-WG] Reminder: OAuth Security Workshop

2016-05-16 Thread Anthony Nadalin
Can I also suggest that a PayPal or Credit Card payment be added as a means, as bank transfer for corporate folks is like impossible

-Original Message-
From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Mike Jones
Sent: Monday, May 16, 2016 4:25 AM
To: Hannes Tschofenig ; oauth@ietf

Re: [OAUTH-WG] Reminder: OAuth Security Workshop

2016-05-16 Thread Mike Jones
I'm planning to submit a position paper to the OAuth security workshop. I couldn't find any guidance on what the program committee is looking for in the papers. I could imagine anything from submitting a paragraph or two describing the conversations I'd like to lead to a 10-page paper suitable

[OAUTH-WG] Reminder: OAuth Security Workshop

2016-05-16 Thread Hannes Tschofenig
Hi all, this is a reminder that the call for position paper deadline for the OAuth Security Workshop is getting closer. Here is the link to the info: https://infsec.uni-trier.de/events/osw2016 Ciao Hannes