OpenID Connect and OAuth 2.0 – Best Practices for Security – Dominick Baier
| Channel | Publish Date | Thumbnail & View Count | Download Video |
|---|---|---|---|
 | Publish Date not found |  0 Views |
Since its publication in RFC6749 and RFC6750, OAuth 2.0 has gained tremendous market traction and has become the standard for API protection and the foundation of OpenID Connect.
Since then, the protocols have been attacked due to known implementation weaknesses and anti-patterns, the technology has changed, and their use has expanded to higher security use cases and environments than originally intended and expected. For this reason, the IETF has published a set of so-called "Best Current Practices" (BCPs) that update the original specifications and threat models and provide more authoritative guidelines. This talk gives an overview of these BCPs and selects some topics for more in-depth discussion.
Since then, the protocols have been attacked due to known implementation weaknesses and anti-patterns, the technology has changed, and their use has expanded to higher security use cases and environments than originally intended and expected. For this reason, the IETF has published a set of so-called "Best Current Practices" (BCPs) that update the original specifications and threat models and provide more authoritative guidelines. This talk gives an overview of these BCPs and selects some topics for more in-depth discussion.
You can find more of our lectures, courses and conferences at the following links:
https://ndcconferences.com/
https://ndc-security.com/
Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.
