bject: [OAUTH-WG] Updated Shepherd Write-Up for Native Apps document
>
> Here is the shepherd write-up:
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fhannestschofenig%2Ftschofenig-ids%2Fblob%2Fmaster%2Fshepherd-writeups%2FWriteup_OAuth_NativeApps
rg
Subject: [OAUTH-WG] Updated Shepherd Write-Up for Native Apps document
Here is the shepherd write-up:
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fhannestschofenig%2Ftschofenig-ids%2Fblob%2Fmaster%2Fshepherd-writeups%2FWriteup_OAuth_NativeApps.txt&data=02%
You may want to note that RFC6749 itself recommends agains embedded for
security reasons:
An embedded user-agent poses a security challenge because resource
owners are authenticating in an unidentified window without access
to the visual protections found in most external user-agents.
Here is the shepherd write-up:
https://github.com/hannestschofenig/tschofenig-ids/blob/master/shepherd-writeups/Writeup_OAuth_NativeApps.txt
Feedback appreciated. I will also do another shepherd review.
Ciao
Hannes
signature.asc
Description: OpenPGP digital signature
__