{"draft":"draft-ietf-oauth-v2-threatmodel-08","doc_id":"RFC6819","title":"OAuth 2.0 Threat Model and Security Considerations","authors":["T. Lodderstedt, Ed.","M. McGloin","P. Hunt"],"format":["ASCII","HTML"],"page_count":"71","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Web Authorization Protocol","abstract":"This document gives additional security considerations for OAuth,\r\nbeyond those in the OAuth 2.0 specification, based on a comprehensive\r\nthreat model for the OAuth 2.0 protocol.  This document is not an \r\nInternet Standards Track specification; it is published for \r\ninformational purposes.","pub_date":"January 2013","keywords":["authorization","authentication","token","counter-measures","HTTP","REST"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6819","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6819"}