Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: phranque
OAuth 2.0 promised to improve authentication on the Net, but its author has resigned from the project after concluding the standard "is a bad protocol."
"When compared with OAuth 1.0, the 2.0 specification is more complex, less interoperable, less useful, more incomplete, and most importantly, less secure," Eran Hammer-Lahav said in a blog post yesterday. "I resigned my role as lead author and editor, [withdrew] my name from the specification, and left the working group...Deciding to move on from an effort I have led for over five years was agonizing."