Oauth-security-reports -- Information about security vulnerabilities concerning the OAuth specifications and OAuth implementations

 

About Oauth-security-reports
English (USA)

This list was created to allow security researchers and other parties to submitting information related to discovered security vulnerabilities concerning the OAuth specifications and OAuth implementations. The aim is to provide those who discover security problems to have an easy way to report their findings to a small group of standardization experts, which includes the OAuth working group chairs, in a confidential manner. The group then has to decide on how to utilize the obtained information to initiate discussions on IETF mailing list or with impacted implementers.

*****
Important Note: Since vulnerability reports will be submitted to this list it is not a public mailing list. The OAuth WG chairs will invite experts to join this list.
*****

To see the collection of prior postings to the list, visit the Oauth-security-reports Archives or Oauth-security-reports MHonArc Archives. (The current archive is only available to the list members.)

Using Oauth-security-reports
To post a message to all the list members, send email to oauth-security-reports@ietf.org.

You can subscribe to the list, or change your existing subscription, in the sections below.

Subscribing to Oauth-security-reports

Subscribe to Oauth-security-reports by filling out the following form. You will be sent email requesting confirmation, to prevent others from gratuitously subscribing you. Once confirmation is received, your request will be held for approval by the list moderator. You will be notified of the moderator's decision by email. This is also a private list, which means that the list of members is not available to non-members.

    Your email address:  
    Your name (optional):  
    You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. Do not use a valuable password as it will occasionally be emailed back to you in cleartext.

    If you choose not to enter a password, one will be automatically generated for you, and it will be sent to you once you've confirmed your subscription. You can always request a mail-back of your password when you edit your personal options.
    Pick a password:  
    Reenter password to confirm:  
    Which language do you prefer to display your messages? English (USA)  
    Would you like to receive list mail batched in a daily digest? No Yes
Oauth-security-reports Subscribers
(The subscribers list is only available to the list members.)

Enter your address and password to visit the subscribers list:

Address: Password:   

To unsubscribe from Oauth-security-reports, get a password reminder, or change your subscription options enter your subscription email address:

If you leave the field blank, you will be prompted for your email address


Oauth-security-reports list run by hannes.tschofenig at gmx.net, derek at ihtfp.com
Oauth-security-reports administrative interface (requires authorization)
Overview of all ietf.org mailing lists

Delivered by Mailman
version 2.1.22
Python Powered GNU's Not Unix