
Episode 526: Brian Campbell on Proof of Possession Defenses

Software Engineering Radio - the podcast for professional software developers

CHAPTER

OAuth

In an open deployment, the self-signed certificate is sufficient because the trust is established through the registration of that certificate for that particular client. So it doesn't have to be a closed environment to facilitate it. It's just relying on a little bit of a different trust model. And then you have to, things have to be set up such that your servers will accept any trust anchor. They basically are told to turn off validating the trust anchor. The OAuth layers on top of that and says, okay, great, you've proven possession of the key. Is that in fact the key that I'm supposed to get for this client? If so, authenticate good, if not authent
