2E/ Securely Store Secrets / Kyle Peacock

From IIW

Session 1E

Secure Secret Storage


Session Convener: Kyle Peacock

Notes-taker(s): Kyle Peacock


Tags / links to resources / technology discussed, related to this session:


Rich Authorization Request / Gnap - oauth standards


Secure Ecmascript - https://github.com/tc39/proposal-ses


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


The discussion is how to protect and store resources against cross-site scripting attacks, possibly requiring user interaction to access.


Outcomes -

  • Cookies aren’t ideal
  • There may be some potential with Fido
  • Secure Ecmascript is the most likely standard that will be able to help
  • No definite answer today
Retrieved from "https://iiw.idcommons.net/index.php?title=2E/_Securely_Store_Secrets_/_Kyle_Peacock&oldid=24580"