[Openid-specs-fapi] Cross-Browser Payment Initiation Attack

n-sakimura n-sakimura at nri.co.jp
Mon Jan 7 21:24:54 UTC 2019

Thanks Torsten and Daniel,

This seems to be a very good starting point for a white paper/technical report. Is there any objection to starting a work based on this?

If so, please speak up by the end of this week.


Nat Sakimura
Chair, FAPI WG.

Outlook for iOS<https://aka.ms/o0ukef> を入手

差出人: Openid-specs-fapi <openid-specs-fapi-bounces at lists.openid.net> (Torsten Lodderstedt via Openid-specs-fapi <openid-specs-fapi at lists.openid.net> の代理)
送信日時: 火曜日, 1月 8, 2019 1:33 午前
宛先: openid-specs-fapi at lists.openid.net
Cc: Torsten Lodderstedt
件名: [Openid-specs-fapi] Cross-Browser Payment Initiation Attack

Hi all,

Daniel and I wrote a document describing a potential kind of attack on redirect based flows used to authorize and initiate payments.

We would like to contribute this document to the working group.

kind regards,

Openid-specs-fapi mailing list
Openid-specs-fapi at lists.openid.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20190107/39b0805d/attachment.html>

More information about the Openid-specs-fapi mailing list