03.11.2014, 23:59, "Sam Roberts" <[email protected]>: >>> Have you considered OAUTH, so that passwords don't flow through your >>> server at all? >> Given the controversy around oauth2 [4] > > One loud critic doesn't equate to a controversy.
Yes, it does if arguments he makes are valid. oauth and oauth2 are completely different things though. First one is a good thing that worth looking into, although signature is a bit too complex. Second one isn't even a proper standard, because there is no interoperability. I'm curious about browserid though. Is it already used somewhere in the wild? -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/2291831415050488%40web15h.yandex.ru. For more options, visit https://groups.google.com/d/optout.
