It’s no surprise that Eren left the group. Reading through the OAuth 2.0 spec I found this paragraph:
“OAuth 2.0 provides a rich authorization framework with well-defined security properties. However, as a rich and highly extensible framework with many optional components, on its own, this specification is likely to produce a wide range of non-interoperable implementations.”
Eh? A security spec that will produce non-interoperable implementations is not a spec imho …
It’s no surprise that Eren left the group. Reading through the OAuth 2.0 spec I found this paragraph:
“OAuth 2.0 provides a rich authorization framework with well-defined security properties. However, as a rich and highly extensible framework with many optional components, on its own, this specification is likely to produce a wide range of non-interoperable implementations.”
Eh? A security spec that will produce non-interoperable implementations is not a spec imho …