Tim Würtele
Web and Identity Protocols Security Researcher
Session
02-27
10:00
30min
Client Assertions Gone Wrong: When the Audience Takes Over the Show
Pedram Hosseyni, Tim Würtele
We present and discuss Audience Injection Attacks on signature-based client authentication, in which an honest client is tricked into providing the attacker with a valid client credential for an honest authorization server.
Kaldalón