Re: [OAUTH-WG] Comments on draft-ietf-oauth-security-topics-06.txt

2018-05-23 Thread Denis
Hi Joseph, Among these 39 slides, to which attack(s) are you referring? I wrote: "It is quite hard to understand under which /context(s)/ and conditions OAuth 2.0 could be safely used". For each counter-measure, it would be useful to explain under which context(s) or under which assumptions

Re: [OAUTH-WG] OAUTB for Access Token in Implicit Grant

2018-05-23 Thread Daniel Fett
Thanks Brian! Pedram and I are still not completely sure whether we fully understand the setting here... On 15.05.18 at 00:22, Brian Campbell wrote: > Typically when an access token is issued via the implicit grant > directly from the authorization endpoint, it is for a client that is > running a