Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360
9 December 2025 - 1 hour 7 minsThe MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new spec like this.
Segment resources:
https://aaronparecki.com/2025/11/25/1/mcp-authorization-spec-update https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html https://oauth.net/cross-app-access/ https://oauth.net/2/oauth-best-practice/ Visit https://www.securityweekly.com/asw for all the latest episodes!
Show...
Series Episodes
Miss Cleo, Whisperpair, Fortisiem, REDVDS, Google, Spying, Rob Allen and More... - Rob Allen - SWN #547
39 mins
16 January Finished
The Future Of Proactive Security Before Building an AI Enabled Enterprise - Erik Nost - BSW #430
55 mins
14 January Finished
Are you dead?, AI Hellscape, Copilot, Blue Delta, Quishing, Confer, Aaran Leyland... - SWN #546
36 mins
13 January Finished
The State of Cybersecurity Hiring, 2026 content plans, and the weekly news - ESW #441
1 hour 35 mins
12 January Finished
