[Openid-specs-ab] OWASP ASVS 5.0

[Nat Sakimura]

Thanks for sharing!
It is important to provide feedback IMHO.

2025年3月3日(月) 21:47 Mark Haine <Mark.Haine at oidf.org>:

> Hi AB/Connect and FAPI people,
>
>
>
> There was a presentation at OSW2025 where I learned that OWASP are working
> on a major revision to their Application Security Verification Standard.
> As part of that revision, they are adding content relating to “OAuth and
> OIDC” (sic).  Some of you might wish to review and provide comment.  If
> having an OIDF set of collated feedback is desirable I may be able to find
> time to aggregate your thoughts and comments. If that is the case please
> let me know. I shall do my best to review for the OIDF in any case.
>
>
>
> https://github.com/OWASP/ASVS/tree/master
>
>
>
> Specific section on OAuth and OIDC is in:
>
> https://github.com/OWASP/ASVS/blob/master/5.0/en/0x51-V51-OAuth2.md
>
>
>
> I have reached out to the presenter to see if there is any other guidance
> for reviewers. If I get anything back I’ll add it to this mail thread.
>
>
>
> Best Regards,
>
>
>
>
>
> Mark Haine
>
>
>
> +44 (0) 777 555 0344 <+447775550344> | mark.haine at oidf.org |
>
> [image: OpenID Logo] <https://www.considrd.consulting/>
>
>
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20250303/e8f95229/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 1347447 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20250303/e8f95229/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 6115 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20250303/e8f95229/attachment-0001.png>