Explaining the OAuth Session Fixation Attack
http://www.hueniverse.com/hueniverse/2009/04/explaining-the-oauth-session-fixation-attack.html
For everyone involved, this was a first-of-a-kind experience: managing a specification security hole (as opposed to a software bug) in an open specification, with an open community, and no clear governance model. Where do you even begin?
#OAuth #flaw #security #hack #oops #explanation #clevermarks