10. Security Considerations

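As a flexible and extensible framework, OAuth's security considerations depend on many factors. The following subsections provide implementers with security guidelines focused on the three client profiles described in Section 2.1: web applications, user-agent-based applications, and native applications.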

A comprehensive OAuth security model and analysis, as well as background for the protocol design, is provided in [OAuth-THREATMODEL].

 

10. Security Considerations



   As a flexible and extensible framework, OAuth's security
   considerations depend on many factors.  The following sections
   provide implementers with security guidelines focused on the three
   client profiles described in Section 2.1: web application,
   user-agent-based application, and native application.

   A comprehensive OAuth security model and analysis, as well as
   background for the protocol design, is provided by
   [OAuth-THREATMODEL].