Is OAuth 2.0 Secure ?

יום שלישי, פברואר 4, 2014

When ever I introduce OAuth to my clients they ask. “Is it secure? We heard that …” There is doubt that there is a lot controversy about OAuth yet there is also no doubt that OAuth 2.0 is the leading authorization standard / framework in the web today. Eran Hammer one of OAuth original creators published lots of criticism on the final OAuth 2.0 specification in which he claims that OAuth 2.0 is not a specification but a framework. In his view the spec is not specific enough and leave to much room for variations in the implementations. He...
no comments