Welcome to WebmasterWorld Guest from 54.161.149.107

Forum Moderators: phranque

OAuth's 2.0 Leader Resigns Over It Being "a bad protocol"

   
5:54 pm on Jul 27, 2012 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



That's rather worrying. It cannot afford to be a bad protocol, imho.

OAuth's 2.0 Leader Resigns Over It Being "a bad protocol" [news.cnet.com]
OAuth 2.0 promised to improve authentication on the Net, but its author has resigned from the project after concluding the standard "is a bad protocol."

"When compared with OAuth 1.0, the 2.0 specification is more complex, less interoperable, less useful, more incomplete, and most importantly, less secure," Eran Hammer-Lahav said in a blog post yesterday. "I resigned my role as lead author and editor, [withdrew] my name from the specification, and left the working group...Deciding to move on from an effort I have led for over five years was agonizing."

5:59 pm on Jul 27, 2012 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



If the person "in charge" can't get things going in the right direction, who the heck can?
2:43 am on Jul 30, 2012 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I haven't kept up with OAuth lately. Are the implementations run by the big guys on this new 2.0?
 

Featured Threads

Hot Threads This Week

Hot Threads This Month