The Audience of Tokens – 2 min. OAuth #10
The audience of a token is one of the most important yet often overlooked notion that is causing security breaches. In this episode, you will…
View More The Audience of Tokens – 2 min. OAuth #10
Celebrating the 200th anniversary of “Silent Night”
Today, December 24 of 2018 marks the 200th anniversary of this famous Christmas carol, “Silent Night, Holy Night.” It was in a small town in…
View More Celebrating the 200th anniversary of “Silent Night”
Todo list for Self-Issued OP to achieve #self-sovereign-identity
Self-issued OP (SIOP) is defined in Chapter 7 of OpenID Connect (2014). If we take that the Identity (set of data related to the entity)…
View More Todo list for Self-Issued OP to achieve #self-sovereign-identity
My session at Trustech 2018 (Nov. 27) @ Cannes, France
I will be speaking at Trustech 2018 at 10:35 AM on November 27, during the track “IDENTITY AND PRIVACY: THE FULL PICTURE”. You can find…
View More My session at Trustech 2018 (Nov. 27) @ Cannes, France
Consumer Identity World APAC 2018 Keynote
I am now in Singapore to deliver a keynote at Consumer Identity World APAC 2018. Let us connect if you are around.
View More Consumer Identity World APAC 2018 Keynote
Facebook hack and OAuth User Authentication [2 min OAuth]
In this episode, I used the Facebook hack as the leeway to explain why using an access token to represent a user is a bad idea.
View More Facebook hack and OAuth User Authentication [2 min OAuth]
Blockchain X-Border talk with the tech community
I will be moderating a Panel titled “Blockchain: X-Border talk with the tech community” this Thursday. It is a part of the symposium called “Fin/Sum…
View More Blockchain X-Border talk with the tech community
Secret of Authorization Code [OAuth 2 min]
This week, I have explained often an untalked property of OAuth 2.0.
View More Secret of Authorization Code [OAuth 2 min]
Where are Sender Constrained Token used in RFC6749?
Hi, Nat Sakimura here. In the last week’s episode, I have explained what are sender constrained tokens But you may wonder where these are going…
View More Where are Sender Constrained Token used in RFC6749?
2 mintues OAuth: Bearer and Sender Constrained Tokens
In the episode #1, I have explained that OAuth uses metro ticket like “tokens” to access a protected resource. These are called bearer tokens as…
View More 2 mintues OAuth: Bearer and Sender Constrained Tokens