On Oct 8, 2024, at 6:13 PM, Alec L via WG-UMA <wg-uma@kantarainitiative.org> wrote:Hi Gabriel, thank you for sharing this with the list
I'm certainly interested in knowing more about the vulnerability and how to address it in our implementationIf other implementors would like the information, please reply here (or let me know directly) and we can coordinate an ad-hoc discussion on this topic
Best,
- Alec_______________________________________________On Wed, Oct 2, 2024 at 10:01 AM Gabriel Corona <gabriel.corona@free.fr> wrote:Hi,
While testing UMA 2.0, I found that the protocol was vulnerable to a
vulnerability (which may not apply in some deployments).
It might be interesting to start by discussing this topic off-list in
order to let the implementers the opportunity to implement suitable
mitigations before public disclosure. Please let me know if you would be
interested.
If you know the contact of any other implementers please let me know.
Regards,
Gabriel Corona
_______________________________________________
A Community Group mailing list of KantaraInitiative.org
WG-UMA mailing list -- wg-uma@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.org
List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/wg-uma@kantarainitiative.org/
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/WG-UMA
A Community Group mailing list of KantaraInitiative.org
WG-UMA mailing list -- wg-uma@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.org
List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/wg-uma@kantarainitiative.org/
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/WG-UMA
