Internet-Draft draft-ietf-oauth-browser-based-apps-26.txt is now available. It
is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF.
Title: OAuth 2.0 for Browser-Based Applications
Authors: Aaron Parecki
Philippe De Ryck
David Waite
Name: draft-ietf-oauth-browser-based-apps-26.txt
Pages: 68
Dates: 2025-12-03
Abstract:
This specification details the threats, attack consequences, security
considerations and best practices that must be taken into account
when developing browser-based applications that use OAuth 2.0.
Discussion Venues
This note is to be removed before publishing as an RFC.
Discussion of this document takes place on the Web Authorization
Protocol Working Group mailing list ([email protected]), which is
archived at https://mailarchive.ietf.org/arch/browse/oauth/.
Source for this draft and an issue tracker can be found at
https://github.com/oauth-wg/oauth-browser-based-apps.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-browser-based-apps/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-browser-based-apps-26.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-browser-based-apps-26
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
