-
Yesterday @titanous told me we should take a second look at The Update Framework ([TUF](https://github.com/theupdateframework/tuf/blob/develop/docs/tuf-spec.txt)) for addressing a number of things aro…
-
### Pitch
In order to further securing OAuth flows for Mastodon, once we have PKCE (#30329) implemented, we should consider supporting [RFC 9207](https://www.rfc-editor.org/rfc/rfc9207.html) which ad…
-
### Description
The link , which appears twice in `asciidoc/security-openid-connect-client-reference.adoc`, returns a "404 File not found" error.
### Implementation ideas
Replace with .
-
**Problem description**
The UML flows do not show an aggregator / channel partner (https://github.com/camaraproject/NumberVerification/blob/main/documentation/API_documentation/assets/uml_v0.3.jpg). …
-
We need to define a solid Threat Model. Initial comment by [Wess](https://github.com/expressjs/discussions/issues/165#issuecomment-1974869493)
**Resources**
- https://github.com/nodejs/node/pull…
-
### Description
Currently using Node-RED alone i can securing Node-RED by enabling HTTPS access (https://nodered.org/docs/user-guide/runtime/securing-node-red). But in flowforge, i did not found any …
-
### Description
The benchmark suite should cover this by default to ensure adequate performance.
### Discussion
_No response_
### Motivation
Dynamic Client Registration (DCR) is part of the OpenI…
-
```
securing xml-rpc messages (other players can eventually cheat by sniffing
the network)
```
Original issue reported on code.google.com by `guy...@gmail.com` on 21 Jul 2007 at 4:22
-
We should support changing password of alias key or bls key to make it easy to rotate the password.
Second option to consider is do this outside of our AVS code, which maybe a better option to avo…
-
https://help.github.com/en/articles/securing-your-github-pages-site-with-https