On Sunday 10, 2016, OAuth Security Advisory: Authorization Server Mix-Up was issued. Nov Matake wrote an excellent article about it in Japanese. To help understand the…View More IdP Mix-up Attack on OAuth [RFC6749]
June 24: The three main UMA Version 0.9 specifications – UMA Core , OAuth Resource Set Registration , and UMA Claim Profiles – are out for a45-day public review period ending September 6 at 17:00…View More Public Review of UMA 0.9 is going on
A new bug in OpenSSL was found by Masashi Kikuchi of Lepidum. It affects all versions of OpenSSL earlier than 1.0.1. For details, please refer…View More New vulnerability on OpenSSL found
Since I am using it on this blog also, I probably should not talk loudly, but I feel creepy about the Facebook “Like” button. If…View More Is Facebook “Like” button tracking you?
So, OpenID Connect provides a lot of advanced facilities to fulfill so many additional feature requested by the member community. It indeed is full of…View More OpenID Connect Stripped down to just “Authentication” (aka OAuth Authentication)