Re: [OAUTH-WG] Rate limiting in Dyn-Reg-Management

2015-04-04 Thread Justin Richer
On 4/3/2015 9:15 PM, Benjamin Kaduk wrote: On Fri, 3 Apr 2015, Justin Richer wrote: In the current draft of Dyn-Reg-Management (https://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-management-12) there’s a clause that’s c

Re: [OAUTH-WG] Rate limiting in Dyn-Reg-Management

2015-04-03 Thread Benjamin Kaduk
On Fri, 3 Apr 2015, Justin Richer wrote:
> In the current draft of Dyn-Reg-Management
> (https://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-management-12)
> there’s a clause that’s causing some consternation in the general

Re: [OAUTH-WG] Rate limiting in Dyn-Reg-Management

2015-04-03 Thread John Bradley
I am OK with that. Rate limiting only really helps with denial of service attacks, and that is a separate issue. In 6750 we were very slippery in avoiding specifying any entropy minimum or structure for the token, given the nature of that applying to any endpoint. In 6819 we did better by spec

[OAUTH-WG] Rate limiting in Dyn-Reg-Management

2015-04-03 Thread Justin Richer
In the current draft of Dyn-Reg-Management (https://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-management-12) there’s a clause that’s causing some consternation in the general review: Since the client configuration endpoi