http://www.rfc-editor.org/rfc/rfc6819.txt
RFC 6819: OAuth 2.0 Threat Model and Security Considerations, T. Lodderstedt, M. McGloin, P. Hunt2013-01-01T23:00:00-00:00This document gives additional security considerations for OAuth, beyond those in the OAuth 2.0 specification, based on a comprehensive threat model for the OAuth 2.0 protocol. This document is not an Internet Standards Track specification; it is published for informational purposes.