client, the
issue is merely shifted from the client-OAuth server to the client-Remote
Assertion Server, which is the same scenario.
Best Regards.
From: Jaimandeep Singh
mailto:40nfsu.ac...@dmarc.ietf.org>>
Date: Sunday, 26 February 2023 at 17:05
To: "Oliva Fernandez, Jorge"
ot;Remote Assertion Server", this cause the attacker to generate as many
> assertions as they require, this is precisely a client impersonation
> attack…. therefore, with the "Remote Assertion Server," unless a magical
> solution is proposed to ensure the identity of a public cli
Best Regards.
From: Jaimandeep Singh
Date: Sunday, 26 February 2023 at 17:05
To: "Oliva Fernandez, Jorge"
Cc: oauth
Subject: [EXT]Re: [OAUTH-WG] Unified Singular Protocol Flow for OAuth (USPFO)
Ecosystem
CAUTION: This message is from an EXTERNAL sender – be vigilant, particularly
with
Dear Jorge,
Thank you for taking the time and making the efforts to review the paper
and offer valuable feedback and suggestions. Your inputs are greatly
appreciated and we will definitely consider incorporating your suggestions
in our revised or future work. In order to offer a diverse perspectiv
