85°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

Wednesday, July 22, 2020

← Older → Newer
  • OAuth Security Workshop
    Jul
    22
    Jul
    23
    Jul
    24
    July 22-24, 2020
    3 days
    Scandic Nidelven
    Trondheim, Trøndelag, NOR
    permalink #oauth #okta
  • 9:50pm
    Asleep
    4:22am
    Awake
    6h 32m
    Slept
    10m
    Awake for
    Portland, Oregon, USA
    Wed, Jul 22, 2020 4:22am -07:00
  • Vladimir Dzhuvinov πŸ‡ͺπŸ‡Ί πŸ‡§πŸ‡¬ https://twitter.com/dzhuvi
    Today @aaronpk will be presenting #OAuth 2.1. The core OAuth grants are getting consolidated, security gets hardened with PKCE #osw2020 https://barcamptools.eu/oauth-security-workshop-2020/events/0d0423b6-5924-4e6f-8b3b-63edbbe0ae59/oauth_2_1
    Portland, Oregon • 64°F
    Wed, Jul 22, 2020 8:56am +00:00 (liked on Wed, Jul 22, 2020 4:52am -07:00) #OAuth #osw2020
  • Henrik Carlsson   •   permalink
    Aaron Parecki
    Yeah! I've been giving sneak peeks on my livestreams, but once I get things a little more polished off I'll do a proper video on it! (Wait til you see what I have planned for the ceiling lights!)
    Portland, Oregon • 64°F
    1 reply
    Wed, Jul 22, 2020 4:55am -07:00
  • Protecting Single-Page Apps using OAuth
    Jul
    22
    July 22, 2020 5:30am - 6:00am (-0700)
    Online
    OAuth Security Workshop
    View Slides
    permalink #oauth #security
  • Dr. Fett https://twitter.com/dfett42
    #osw2020
    Portland, Oregon • 64°F
    Wed, Jul 22, 2020 12:44pm +00:00 (liked on Wed, Jul 22, 2020 5:59am -07:00) #osw2020
  • Taka@Authlete, BaaS for OAuth 2.0 & OpenID Connect https://twitter.com/darutk
    "PROTECKING SINGLE-PAGE APPS USING OAUTH" by Aaron Parecki (@aaronpk) in #osw2020. Single-Page Application architectures are introduced.
    Portland, Oregon • 64°F
    Wed, Jul 22, 2020 1:00pm +00:00 (liked on Wed, Jul 22, 2020 6:10am -07:00) #osw2020
  • Aaron Parecki
    My view today for the OAuth Security Workshop! #osw2020
    Portland, Oregon • 64°F
    17 likes 2 reposts 2 replies
    Wed, Jul 22, 2020 6:31am -07:00 #oauth #osw2020
  • Henrik Carlsson   •   permalink
    Aaron Parecki
    I have it set up to pull my YouTube videos back to my website as blog posts that embed the YouTube video. I mostly consider my YouTube content separate right now, mainly because I am actually trying to play the YouTube game.

    https://aaronparecki.com/videos

    I think I saw your first reply in my micro.blog feed. This one showed up as a webmention but there was no content in it.
    Portland, Oregon • 64°F
    1 reply
    Wed, Jul 22, 2020 7:11am -07:00
  • Becki (& Chris) https://twitter.com/beckiandchris   •   Jul 22
    Question, are YouTube channel trailers still a thing?
    Aaron Parecki
    I've never enjoyed watching a channel trailer, and I hate that they autoplay
    Portland, Oregon • 64°F
    4 likes 1 reply
    Wed, Jul 22, 2020 7:13am -07:00
  • Becki (& Chris) https://twitter.com/beckiandchris
    The auto play drives me nuts, it’s like having music on a website
    Portland, Oregon • 64°F
    Wed, Jul 22, 2020 2:14pm +00:00 (liked on Wed, Jul 22, 2020 7:16am -07:00)
  • OAuth 2.1
    Jul
    22
    July 22, 2020 7:30am - 8:00am (-0700)
    Online
    OAuth Security Workshop
    View Slides
    permalink #oauth #security
  • Aaron Parecki
    Contributions from: Canada, France, Greece, Japan, Russian Federation, Ukraine, United Kingdom, United States
    Wed, Jul 22, 2020 7:59am -07:00
  • Vladimir Dzhuvinov πŸ‡ͺπŸ‡Ί πŸ‡§πŸ‡¬ https://twitter.com/dzhuvi
    OAuth 2.1 becomes the simpler & more secure #OAuth. A bunch of existing RFCs and drafts roll into one, so easier to follow too. Presented by @aaronpk at the #osw2020
    Portland, Oregon • 64°F
    Wed, Jul 22, 2020 2:57pm +00:00 (liked on Wed, Jul 22, 2020 8:16am -07:00) #OAuth #osw2020
  • Taka@Authlete, BaaS for OAuth 2.0 & OpenID Connect https://twitter.com/darutk
    Another client type "credentialed", in addition to "public" and "confidential". The concept is being explained by Aaron (@aaronpk) in #osw2020.

    The OAuth 2.1 Authorization Framework
    https://tools.ietf.org/html/draft-parecki-oauth-v2-1
    Portland, Oregon • 64°F
    Wed, Jul 22, 2020 2:48pm +00:00 (liked on Wed, Jul 22, 2020 8:17am -07:00) #osw2020
  • Taka@Authlete, BaaS for OAuth 2.0 & OpenID Connect https://twitter.com/darutk
    "OAUTH 2.1" by Aaron Parecki (@aaronpk) in OAuth Security Workshop 2020 (#osw2020).

    https://barcamptools.eu/oauth-security-workshop-2020/events/0d0423b6-5924-4e6f-8b3b-63edbbe0ae59/oauth_2_1

    OAuth 2.1 aims to simplify the maze of the specifications.
    Portland, Oregon • 64°F
    Wed, Jul 22, 2020 2:40pm +00:00 (liked on Wed, Jul 22, 2020 8:17am -07:00) #osw2020
  • Jim Manico https://twitter.com/manicode
    Theory: Twitter internal tools were comprised via CSRF due to insider information.
    Portland, Oregon • 64°F
    Wed, Jul 22, 2020 2:51pm +00:00 (liked on Wed, Jul 22, 2020 8:18am -07:00)
  • Mitch https://mastodon.xyz/@mitchkiah

    @aaronpk woah, love the paint there!

    Portland, Oregon • 65°F
    Wed, Jul 22, 2020 3:49pm +00:00 (liked on Wed, Jul 22, 2020 8:49am -07:00)
  • Audrey Ember πŸ”₯ https://twitter.com/AudreyEmber   •   Jul 22
    I'm so sick of men saying they support women being entrepreneur's and doing their own thing, only to turn around and make 'jokes' about wanting a girlfriend so that they can do their laundry. Hello? Sorry, I think you dropped something called SELF AWARENESS.
    Aaron Parecki
    ew what? I don't want anyone doing my laundry but me!
    Portland, Oregon • 66°F
    3 likes
    Wed, Jul 22, 2020 9:33am -07:00
  • Vladimir Dzhuvinov πŸ‡ͺπŸ‡Ί πŸ‡§πŸ‡¬ https://twitter.com/dzhuvi   •   Jul 22
    How do you find the new "credentialed" term? Been wondering if a better name could be given to this in-between class of clients
    Aaron Parecki
    Suggestions welcome, but I like that it's pretty descriptive: "credentialed clients are clients that have credentials"
    Portland, Oregon • 66°F
    2 replies
    Wed, Jul 22, 2020 9:36am -07:00
  • Vladimir Dzhuvinov πŸ‡ͺπŸ‡Ί πŸ‡§πŸ‡¬ https://twitter.com/dzhuvi   •   Jul 22
    I can imagine a lot of thought was already spent on this :) Is a public client which uses a client certificate solely for the purpose of obtaining a private key bound token considered credentialed?
    Aaron Parecki
    The text in the spec is "Clients that have credentials and their identity has been not been confirmed by the AS are designated as 'credentialed clients'", so that includes dynamic registration or the client bringing its own certificate, so yes :-)
    Portland, Oregon • 66°F
    1 like
    Wed, Jul 22, 2020 9:46am -07:00
  • Dr. Fett https://twitter.com/dfett42
    In this study by @____pieter____ 56% of OAuth providers are susceptible to the PKCE Sidestep attack that I described in https://danielfett.de/2020/05/16/pkce-vs-nonce-equivalent-or-not/ #osw2020
    Portland, Oregon • 71°F
    Wed, Jul 22, 2020 6:53pm +00:00 (liked on Wed, Jul 22, 2020 11:59am -07:00) #osw2020
  • Aaron Parecki
    Contributions from: Canada, France, Greece, Japan, Russian Federation, Ukraine, United Kingdom, United States
    Wed, Jul 22, 2020 1:37pm -07:00
  • jeremycherfas https://micro.blog/jeremycherfas   •   Jul 22

    @aaronpk Very cool baffle on the light fitting.

    Aaron Parecki
    It's a honeycomb grid to reduce how much light spills off to the sides!
    Portland, Oregon • 75°F
    Wed, Jul 22, 2020 1:42pm -07:00
  • Adobe Care https://twitter.com/AdobeCare   •   Jul 15
    Thanks for sharing the information, Aaron. We've got your back. Have you tried resetting the preferences yet: https://adobe.ly/3822gPa
    If that doesn't help then try changing the renderer to Software Only: https://adobe.ly/2vWB85T
    Let us know how it goes. ^NK
    Aaron Parecki
    same same. I reset preferences and changed renderer. It still happened again. Pretty consistently after playing a dozen or so clips in the project window.
    Portland, Oregon • 75°F
    3 replies
    Wed, Jul 22, 2020 2:19pm -07:00
  • Lillian Karabaic πŸ₯„πŸ³οΈ‍🌈 BLM https://twitter.com/anomalily
    I thought I was supposed to get abs in quarantine, and all I got was a deep distrust of late-stage capitalism.
    Portland, Oregon • 75°F
    Wed, Jul 22, 2020 6:39pm +00:00 (liked on Wed, Jul 22, 2020 2:20pm -07:00)
  • Adobe Care https://twitter.com/AdobeCare   •   Jul 22
    That's weird! The issue seems to be with the footage from the same source. Could you share a sample file with us through a direct message so that we can test it at our end? We'll stand by! ^Shivangi
    Aaron Parecki
    Sent, thanks!
    Portland, Oregon • 77°F
    Wed, Jul 22, 2020 3:20pm -07:00
  • Aaron Parecki
    Contributions from: Canada, France, Greece, Japan, Russian Federation, Ukraine, United Kingdom, United States
    Wed, Jul 22, 2020 3:47pm -07:00
  • BenderTubeπŸ“±πŸ”ŒπŸ’‘ https://twitter.com/BenderTubeOG
    A few days later than expected, but the new setup is 98% done βœ…. Just waiting for a couple cable management things for the last couple of wires
    Portland, Oregon • 72°F
    Thu, Jul 23, 2020 12:17am +00:00 (liked on Wed, Jul 22, 2020 8:51pm -07:00)
  • Aaron Parecki
    Why yes I *am* holding my laptop over the air conditioner to cool the CPU while I export my video so that it goes faster why did you ask
    Portland, Oregon • 70°F
    21 likes 2 reposts
    Wed, Jul 22, 2020 9:28pm -07:00 #video #youtube
← Older → Newer

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • πŸŽ₯ YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • βš™οΈ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv