Chad Parry
Results
2
comments of
Chad Parry
> A fully controlled Bad OAuth Server acting as a man-in-the-middle can forge itself as a legitimate client to the real OAuth server, and simultaneously impersonate a legitimate OAuth server...
> This is just OAuth phishing. It happens outside of MCP as well. Yes, agreed. Although, my interpretation of this entire ticket is that we want to make phishing harder...