Since its publication in RFC 6749 and RFC 6750, OAuth 2.0 has gained massive traction in the market and become the standard for API protection and the foundation of OpenID Connect.
In the meantime, the protocols have been attacked through known implementation weaknesses and anti-patterns, technology has changed, and their usage has expanded to use cases and higher-security environments beyond those originally considered and anticipated. That is why the IETF has published a number of so-called “Best Current Practices” (BCPs), which update the original specs and threat models and give more prescriptive guidance. This talk gives an overview of those BCPs and picks out a couple of the topics for more in-depth discussion.
Check out more of our talks, courses, and conferences in the following links:
https://ndcconferences.com/
https://ndc-london.com/
Video: OpenID Connect & OAuth 2.0 – Security Best Practices - Dominick Baier. Added by NDC Conferences on 14 February 2020.