[OAUTH-WG] I-D Action: draft-ietf-oauth-cross-device-security-05.txt
internet-drafts@ietf.org Fri, 01 March 2024 09:46 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 522C1C180B71; Fri, 1 Mar 2024 01:46:49 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: oauth@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.6.1
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: oauth@ietf.org
Message-ID: <170928640931.22824.8114090024624951863@ietfa.amsl.com>
Date: Fri, 01 Mar 2024 01:46:49 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/sGpJoRryqLtkzY-tbnmekBR2bG8>
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-cross-device-security-05.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.39
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2024 09:46:49 -0000
Internet-Draft draft-ietf-oauth-cross-device-security-05.txt is now available. It is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF. Title: Cross-Device Flows: Security Best Current Practice Authors: Pieter Kasselman Daniel Fett Filip Skokan Name: draft-ietf-oauth-cross-device-security-05.txt Pages: 54 Dates: 2024-03-01 Abstract: This document describes threats against cross-device flows along with practical mitigations, protocol selection guidance, and a summary of formal analysis results identified as relevant to the security of cross-device flows. It serves as a security guide to system designers, architects, product managers, security specialists, fraud analysts and engineers implementing cross-device flows. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-oauth-cross-device-security/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-oauth-cross-device-security-05.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-cross-device-security-05 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts
- [OAUTH-WG] I-D Action: draft-ietf-oauth-cross-dev… internet-drafts