Internet-Draft draft-ietf-oauth-cross-device-security-14.txt is now available.
It is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF.
Title: Cross-Device Flows: Security Best Current Practice
Authors: Pieter Kasselman
Daniel Fett
Filip Skokan
Name: draft-ietf-oauth-cross-device-security-14.txt
Pages: 67
Dates: 2026-01-05
Abstract:
This document describes threats against cross-device flows along with
practical mitigations, protocol selection guidance, and a summary of
formal analysis results identified as relevant to the security of
cross-device flows. It serves as a security guide to system
designers, architects, product managers, security specialists, fraud
analysts and engineers implementing cross-device flows.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-cross-device-security/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-cross-device-security-14.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-cross-device-security-14
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
