[OAUTH-WG] Where / how do we report security risks?

"L. Preston Sego III" <LPSego3@gmail.com> Thu, 31 January 2013 14:02 UTC

Return-Path: <lt.sego@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDA0321F8470 for <oauth@ietfa.amsl.com>; Thu, 31 Jan 2013 06:02:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eLsWi7+YfFR4 for <oauth@ietfa.amsl.com>; Thu, 31 Jan 2013 06:02:17 -0800 (PST)
Received: from mail-vb0-f50.google.com (mail-vb0-f50.google.com [209.85.212.50]) by ietfa.amsl.com (Postfix) with ESMTP id ADC4021F8457 for <oauth@ietf.org>; Thu, 31 Jan 2013 06:02:17 -0800 (PST)
Received: by mail-vb0-f50.google.com with SMTP id ft2so1730286vbb.23 for <oauth@ietf.org>; Thu, 31 Jan 2013 06:02:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:sender:from:date:x-google-sender-auth :message-id:subject:to:content-type; bh=zSIuY4h8/P8i+MYb+zEc2mcsjRud0XFJDF7hFDdnNhw=; b=ASLrWQCaw+7PbSD7coMzyZmnV6lkyWGPpwTIVojM8/p506uhym9Hnohx/cjOfwHHK4 QKamAUyzaas2e6nMVjijAuHzt91D2pdHzndnN3FuLYz0ZrhVk0DyHS0k+oW/GEsUQXSa 269Zujx+xgW5IKkiKtDK0TCAFG838Uc+jGVAJqcjGiDzbMHupaknAZQ56fYECIYE/APx ierw5+2Wb3DCG3EfbgobjBmoo1VjQexBQSUPxugKqK97Jh5i8eGUBsE6Kai1fUBh98nu 9nizMfMuHjn8Fj+g27SlFRPBmW+ZIrMDEOBoMKqjPcIueM9vkra1MfHjoTJytHAsswA8 3Gfw==
X-Received: by 10.52.69.39 with SMTP id b7mr7004636vdu.124.1359640936979; Thu, 31 Jan 2013 06:02:16 -0800 (PST)
MIME-Version: 1.0
Sender: lt.sego@gmail.com
Received: by 10.58.238.166 with HTTP; Thu, 31 Jan 2013 06:01:56 -0800 (PST)
From: "L. Preston Sego III" <LPSego3@gmail.com>
Date: Thu, 31 Jan 2013 09:01:56 -0500
X-Google-Sender-Auth: rwHdysE2RJac6kbRW3QOm628-U4
Message-ID: <CAEeqsMaCyF31X50=A6qM7QU2zbMLoSE4C-F8oe5NrWyiCb8hZA@mail.gmail.com>
To: oauth@ietf.org
Content-Type: multipart/alternative; boundary=90e6ba475d4f121ea504d4961391
X-Mailman-Approved-At: Fri, 01 Feb 2013 07:29:08 -0800
Subject: [OAUTH-WG] Where / how do we report security risks?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Jan 2013 14:04:28 -0000

Don't want hackers to try anything on oauth2-using applications...