[Openid-specs-ab] [OAUTH-WG] OAuth Security Topics -- Recommend authorization code instead of implicit

Torsten Lodderstedt torsten at lodderstedt.net
Tue Nov 27 20:59:03 UTC 2018


> Am 27.11.2018 um 21:54 schrieb William Denniss <wdenniss at google.com>:
> 
> +1 to have language recommending against the use in most cases (without needing to exclude Nat's use-case).

Can you (or someone else) propose text?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2378 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20181127/14f377c1/attachment.p7s>


More information about the Openid-specs-ab mailing list