73°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

Thursday, November 26, 2020

← Older → Newer
  • 10:07pm
    Asleep
    7:03am
    Awake
    8h 56m
    Slept
    18m
    Awake for
    Portland, Oregon, USA • 45°F
    Thu, Nov 26, 2020 7:03am -08:00
  • Alessio Caiazza https://abisso.org/   •   Nov 26

    Implementing avatars timeline

    Aaron Parecki
    This is a great idea!
    Portland, Oregon • 46°F
    Thu, Nov 26, 2020 9:52am -08:00
  • Peter Holz https://twitter.com/nu4ur   •   Nov 26
    Hi @aaronpk, do you know if any OAuth provider like Okta allows to set refresh tokens as HttpOnly cookie and whose token endpoint reads that cookie? Asking for a browser-based public client which can't safely store refresh tokens outside of memory otherwise.
    Aaron Parecki
    That's non-standard behavior so I'm not sure anyone is doing that. But there is some discussion about bringing this idea into the working group for standardization.
    Portland, Oregon • 47°F
    1 like 2 replies
    Thu, Nov 26, 2020 11:21am -08:00
  • Aaron Parecki
    Contributions from: Canada, Germany, Hong Kong, Netherlands, United Kingdom
    Thu, Nov 26, 2020 11:52am -08:00
  • evil-authorization-server.php

    <?php
    continue reading...
    Thu, Nov 26, 2020 12:02pm -08:00
  • Aaron Parecki
    Contributions from: Canada, Germany, Hong Kong, Netherlands, United Kingdom, United States
    Thu, Nov 26, 2020 1:06pm -08:00
  • Vegetable Turkey
    Portland, Oregon, USA • 49°F
    Thu, Nov 26, 2020 1:15pm -08:00
  • Peter Holz https://twitter.com/nu4ur   •   Nov 26
    Thanks! Rotation doesn't help against the theft itself, only alerts afterwards. I'm not familiar with sender constraints, but probably difficult to implement for public clients? Cookies would be a simple and proven solution, at least for *browser-based* public clients.
    Aaron Parecki
    Yep I agree, there's a draft I'm planning on taking to the group to suggest exactly this.
    Portland, Oregon • 50°F
    1 like
    Thu, Nov 26, 2020 4:06pm -08:00
  • Den Delimarsky https://twitter.com/DennisCode
    Internet of things.
    Portland, Oregon • 47°F
    Thu, Nov 26, 2020 11:17pm +00:00 (liked on Thu, Nov 26, 2020 6:44pm -08:00)
  • Mark Rendle and 3 others https://twitter.com/markrendle
    RT if you were part of that tiny 1993 bar.
    Portland, Oregon • 46°F
    Tue, Nov 24, 2020 11:16am +00:00 (liked on Thu, Nov 26, 2020 8:07pm -08:00)
  • Everything you need to know about MacBook Pros and (their lack of) DisplayPort MST (Multi-Stream) support | by John M. Kuchta | Medium (medium.com)
    Thu, Nov 26, 2020 8:58pm -08:00 #mst #macos
  • Guide: Creating Isolated Networks with Ubiquiti UniFi · vNinja.net (vninja.net)
    Thu, Nov 26, 2020 9:24pm -08:00 #networking #unifi #network #wifi
← Older → Newer

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv