• behance
  • gitHub
  • google
  • linkedin
  • twitter
OAuth 2.0 – Spec?

OAuth 2.0 – Spec?

It’s no surprise that Eren left the group.  Reading through the OAuth 2.0 spec I found this paragraph:

“OAuth 2.0 provides a rich authorization framework with well-defined security properties. However, as a rich and highly extensible framework with many optional components, on its own, this specification is likely to produce a wide range of non-interoperable implementations.”

Eh?  A security spec that will produce non-interoperable implementations is not a spec imho …

Leave a reply

*