oauth-v2-1 icon indicating copy to clipboard operation
oauth-v2-1 copied to clipboard

Published 20 hours ago verified publisher icon oauth-wg

NIST SP 800-63-1 obsoleted

Open ioggstream opened this issue 4 years ago • 2 comments

I expect

An updated ref to NIST SP publication.

Instead

The I-D cites NIST SP 800-63-1 withdrawn in 2013 Note: 800-63-2 was Withdrawn on June 22, 2017. Superseded by SP 800-63-3; SP 800-63C; SP 800-63A; SP 800-63B

ioggstream avatar Feb 16 '21 17:02 ioggstream

@ioggstream Can you confirm that the current list of threats in the doc are still included in the latest set of NIST documents? What I'm looking for is whether the list in the OAuth draft needs to be updated with more/less items based on the latest NIST docs.

aaronpk avatar Jun 28 '22 23:06 aaronpk

Good question :)

I need to work on it.

ioggstream avatar Jun 29 '22 07:06 ioggstream