Re: [OAUTH-WG] [EXT] Re: WGLC review of draft-ietf-oauth-security-topics-13

2019-11-27 Pedram Hosseyni
it. I don't think it's universal that all clients will give transitive access from the user to the accessed resource, though it's certainly common; the lack of exposition on that point is what I had been stumbling on. -Ben On Tue, Nov 26, 2019 a

Re: [OAUTH-WG] WGLC review of draft-ietf-oauth-security-topics-13

2019-11-26 Pedram Hosseyni
Best regards, Pedram On 26.11.19 16:51, Benjamin Kaduk wrote: Hi Pedram, On Thu, Nov 21, 2019 at 02:50:52PM +0100, Pedram Hosseyni wrote: Also, for this or the next version of this document, the Cuckoo's Token attack (see Section IV-A of http://arxiv.org/abs/1901.11520/ ), should be add

[OAUTH-WG] WGLC review of draft-ietf-oauth-security-topics-13

2019-11-21 Pedram Hosseyni
for this or the next version of this document, the Cuckoo's Token attack (see Section IV-A of http://arxiv.org/abs/1901.11520/ ), should be addressed. We also discussed this issue extensively at the last OSW in Stuttgart. Typo: Section 3.5: MTLS -> mTLS Best regards Pedram Hosseyni -- Ped