We wrote a security analysis of double redirection protocols that has a section on OAuth 2.0 as of draft 11. You can find it at http://pomcor.com/techreports/DoubleRedirection.pdf
Francisco --- On Fri, 5/13/11, Mark Mcgloin <mark.mcgl...@ie.ibm.com> wrote: From: Mark Mcgloin <mark.mcgl...@ie.ibm.com> Subject: [OAUTH-WG] Formal security protocol analysis of OAuth 2.0 To: oauth@ietf.org Date: Friday, May 13, 2011, 10:40 AM Does anyone know of a formal security protocol analysis that has been carried out for OAuth 2.0? I could only find analysis done against 1.0a, like this one: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5762765 thanks Mark _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth