security – Page 2

OAuth OpenID Connect security

IdP Mix-up Attack on OAuth [RFC6749]

Nat January 15, 2016 1 Comment OAuth IdP Mix-up attack

On Sunday 10, 2016, OAuth Security Advisory: Authorization Server Mix-Up was issued. Nov Matake wrote an excellent article about it in Japanese. To help understand the…

identity OAuth privacy security

Public Review of UMA 0.9 is going on

Nat June 25, 2014 No Comments uma

June 24: The three main UMA Version 0.9 specifications – UMA Core , OAuth Resource Set Registration , and UMA Claim Profiles – are out for a45-day public review period ending September 6 at 17:00…

security

New vulnerability on OpenSSL found

Nat June 6, 2014 No Comments OpenSSL security

A new bug in OpenSSL was found by Masashi Kikuchi of Lepidum. It affects all versions of OpenSSL earlier than 1.0.1. For details, please refer…

identity privacy security

Is Facebook “Like” button tracking you?

Nat July 11, 2012 No Comments +1 cookie facebook Google tracking

Since I am using it on this blog also, I probably should not talk loudly, but I feel creepy about the Facebook “Like” button. If…

identity OAuth OpenID Connect security

OpenID Connect Stripped down to just “Authentication” (aka OAuth Authentication)

Nat March 31, 2012 1 Comment OAuth 2.0 Authentication OAuth Authentication

So, OpenID Connect provides a lot of advanced facilities to fulfill so many additional feature requested by the member community. It indeed is full of…

.Nat Zone

Category: security

IdP Mix-up Attack on OAuth [RFC6749]

Public Review of UMA 0.9 is going on

New vulnerability on OpenSSL found

OpenID Connect Stripped down to just “Authentication” (aka OAuth Authentication)

OpenID Connect in a nutshell

Write an OpenID Connect server in three simple steps

Dummy’s guide for the Difference between OAuth Authentication and OpenID

Making a Javascript OpenID Connect Client in 4 steps

Announcing GAIN: Global Assured Identity Network