[OAUTH-WG] I-D Action: draft-ietf-oauth-cross-device-security-09.txt
internet-drafts@ietf.org Mon, 06 January 2025 11:12 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from [10.244.8.219] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 8BED6C1CAE83; Mon, 6 Jan 2025 03:12:49 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.31.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <173616196918.1870944.17870197669280849377@dt-datatracker-65f549669d-2xld9>
Date: Mon, 06 Jan 2025 03:12:49 -0800
Message-ID-Hash: IHFMLAC2BA3UKE26GN7RIDXVBSCSC4CH
X-Message-ID-Hash: IHFMLAC2BA3UKE26GN7RIDXVBSCSC4CH
X-MailFrom: internet-drafts@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: oauth@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: oauth@ietf.org
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-cross-device-security-09.txt
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/Z8mt1QThDu2ZSQLRTWZmle6AtB0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>
Internet-Draft draft-ietf-oauth-cross-device-security-09.txt is now available.
It is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF.
Title: Cross-Device Flows: Security Best Current Practice
Authors: Pieter Kasselman
Daniel Fett
Filip Skokan
Name: draft-ietf-oauth-cross-device-security-09.txt
Pages: 55
Dates: 2025-01-06
Abstract:
This document describes threats against cross-device flows along with
practical mitigations, protocol selection guidance, and a summary of
formal analysis results identified as relevant to the security of
cross-device flows. It serves as a security guide to system
designers, architects, product managers, security specialists, fraud
analysts and engineers implementing cross-device flows.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-cross-device-security/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-cross-device-security-09.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-cross-device-security-09
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
- [OAUTH-WG] I-D Action: draft-ietf-oauth-cross-dev… internet-drafts
- [OAUTH-WG] Re: I-D Action: draft-ietf-oauth-cross… Pieter Kasselman