3000+ Courses from California Community Colleges

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

OAuth and Proof of Possession - The Long Way Round

NDC Conferences via YouTube

Start learning Write review

Overview

Explore the evolution and implementation of proof of possession in OAuth 2.0 in this comprehensive conference talk from NDC Oslo 2023. Delve into the controversial decision to omit cryptographic binding of access tokens to owners in the initial OAuth 2.0 specification, and trace the decade-long journey to develop a solution. Examine the history of proof of possession, current implementation methods, and the growing demand for enhanced security features across various industries. Learn about sender constraining techniques, including OAuth Token Binding and OAuth 2.0 Mutual TLS. Gain insights into practical applications, potential drawbacks, and future developments in OAuth security. Conclude with a demo and Q&A session to solidify your understanding of this critical aspect of modern authentication protocols.

Syllabus

Intro
OAuth
Proof of Possession before OAuth
OAuth 10 version 1
OAuth 10 version 2
New OAuth hashtag
The last passing gift
OAuth Proof of Possession
OAuth Token Binding
The Industry Jumps In
OAuth 20 Mutual TLS
Mutual TLS
Mutual TLS in practice
CNF token
Client certificate
Summary
Fast forwarding
Token request
Proof token
Access token
Resource access
Json token
Token hash
Demo
The downside of Depop
Questions

Taught by

NDC Conferences

Reviews

Start your review of OAuth and Proof of Possession - The Long Way Round

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.