public marks

PUBLIC MARKS from nhoizey with tags hack & sécurité

November 2009

April 2009

Explaining the OAuth Session Fixation Attack

by 1 other
For everyone involved, this was a first-of-a-kind experience: managing a specification security hole (as opposed to a software bug) in an open specification, with an open community, and no clear governance model. Where do you even begin?