“Is OAuth Really Secure?” is the title of a talk I gave at the IBWAS’10 conference, last December. Is the OAuth protocol really secure? Even though the OAuth authorization protocol has been published as the RFC 5849 and is being widely adopted by large Internet companies, it’s important to stress out its possible security vulnerabilities. […]