[Openid-specs-fapi] Issue #609: CIBA - Make clear limitation of binding message (openid/fapi)
dgtonge
issues-reply at bitbucket.org
Wed Jun 21 14:46:19 UTC 2023
New issue 609: CIBA - Make clear limitation of binding message
https://bitbucket.org/openid/fapi/issues/609/ciba-make-clear-limitation-of-binding
Dave Tonge:
As raised by Pedram and Tim - there are still attacks possible even when a binding message is used \(with an attacker controlled client\). We should add this to the security considerations.
Responsible: Dave Tonge
More information about the Openid-specs-fapi
mailing list