[keycloak-dev] threat model

Bill Burke bburke at redhat.com
Thu Mar 27 13:17:18 EDT 2014


There is some good stuff in this document though that we need to 
implement specifically clickjacking:

http://tools.ietf.org/html/rfc6819#page-33

On 3/27/2014 1:05 PM, Bill Burke wrote:
> Great doc I finally found:
>
> http://tools.ietf.org/html/rfc6819
>
> After browsing it, I still can't find pros/cons of public vs.
> confidential clients.  Especially when we perform all the other
> validations suggested.
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list