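@comment{
  This entry pins revision -17 of an IETF Internet-Draft, which is a work in
  progress and not a published RFC. Internet-Drafts can be updated, replaced
  or obsoleted at any time, so check the datatracker for the current revision
  (or a resulting RFC) before relying on the security guidance cited here.
  Author names use the Last, First form so the two-word surname De Ryck is
  parsed as one surname. Only the product name in the title is brace-protected,
  which leaves the casing of the remaining words to the bibliography style.
}
@techreport{ietf-oauth-browser-based-apps-17,
  author      = {Parecki, Aaron and Waite, David and De Ryck, Philippe},
  title       = {{OAuth} 2.0 for Browser-Based Apps},
  type        = {Internet-Draft},
  number      = {draft-ietf-oauth-browser-based-apps-17},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  note        = {Work in Progress},
  year        = 2024,
  month       = feb,
  day         = 28,
  pagetotal   = 60,
  url         = {https://datatracker.ietf.org/doc/draft-ietf-oauth-browser-based-apps/17/},
  abstract    = {This specification details the threats, attack consequences, security considerations and best practices that must be taken into account when developing browser-based applications that use OAuth 2.0. Discussion Venues This note is to be removed before publishing as an RFC. Discussion of this document takes place on the Web Authorization Protocol Working Group mailing list (oauth@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/oauth/. Source for this draft and an issue tracker can be found at https://github.com/oauth-wg/oauth-browser-based-apps.},
}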