Confirmed users
28
edits
MOSS/Secure Open Source/Completed: Difference between revisions
no edit summary
m (Removed protection from "MOSS/Secure Open Source/Completed": Special page) |
No edit summary |
||
| Line 2: | Line 2: | ||
==2018== | ==2018== | ||
===oauth2-server=== | |||
Dates: September 2017 - February 2018 | |||
oauth2-server is the server for oauth2, an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account. OAuth2 provides authorization flows for web and desktop applications, and mobile devices. The audit was performed by [https://leastauthority.com/ Least Authority]. | |||
The team found the following problems: | |||
* 1 High | |||
* 3 Medium | |||
* 1 Low | |||
* 2 Informational | |||
The documents are as follows: | |||
* [[Media:Oauth2-server-report-2.pdf|Audit report]] | |||
* [https://docs.google.com/document/d/1xSP-Cb3I2o1XtCK8EfYxdEBDpgDeLvinaFXRYvhbEeA/edit# Fix and validation log] | |||
===Knot DNS=== | ===Knot DNS=== | ||