Open bblfish opened 3 years ago
@elf-pavlik on Gitter pointed to this October 2016 paper, "A Comprehensive Formal Security Analysis of OAuth 2.0", which was presented at CCS 2016. The video of the presentation is available on YouTube, for a nice relaxed late evening viewing. It looks like they put together a formalization of the web!
It would help to have a place to collect formalizations of (the relevant parts of) the OAuth protocols.
We can do this in this issue/question or create a wiki page to collect them. These could help build a formalization for OAuth as applied to Solid, which may help resolve some thorny issues, clarify what needs doing, etc. We'll only know when we know what has already been done.