stpeter
commented
6 years ago The specification for "OAuth 2.0 Threat Model and Security Considerations" would be a great point of comparison: https://tools.ietf.org/html/rfc6819
Open ianbjacobs opened 6 years ago
stpeter
commented
6 years ago The specification for "OAuth 2.0 Threat Model and Security Considerations" would be a great point of comparison: https://tools.ietf.org/html/rfc6819
Creating an individual issue from the list in #26 in reference to: https://github.com/w3c/webpayments-methods-tokenization/wiki/Tokenized-Card
"It would be good to define the threat model here so that we can improve the security considerations. The authors might want to look at https://www.owasp.org/index.php/Threat_Risk_Modeling from OWASP or a similar document."