public marks

PUBLIC MARKS with tag oAuth

June 2009

May 2009

April 2009

Explaining the OAuth Session Fixation Attack

by nhoizey & 1 other
For everyone involved, this was a first-of-a-kind experience: managing a specification security hole (as opposed to a software bug) in an open specification, with an open community, and no clear governance model. Where do you even begin?

OAuth: 2009.1

by nhoizey
A session fixation attack against the OAuth Request Token approval flow (OAuth Core 1.0 Section 6) has been discovered.

March 2009

Yahoo! tente de concurrencer Facebook avec Yahoo! Updates | ReadWriteWeb France

by parmentierf
Yahoo! Updates est le nom du nouveau concurrent de Facebook Connect. Après Google FriendConnect et MySpace ID, Yahoo veut aussi jouer dans cette catégorie.

February 2009

Blog on Fire » Blog Archive » Fire Eagle Location Streams

by greut & 1 other

Building an XMPP-enabled Fire Eagle application is very similar to building a traditional web-based application. In fact, the XMPP componentry is intended to complement an existing application, simplifying it and imbuing it with real-time capabilities.

Piece of cake, not really. Nice usage of oAuth-over-XMPP though

January 2009

Official Google Data APIs Blog: Bringing OpenID and OAuth Together

by nhoizey & 2 others
The Hybrid Protocol is a result of the ongoing effort by the OpenID and OAuth communities to make these protocols more useful for users and websites. Google is working together with the OpenID community to standardize the new protocol as a formal OpenID extension.