OAuth’s use of “Consumer Developer” versus “Consumer” can be confusing.
It can sound like the OAuth spec is trying to distinguish: the software developer who wrote a web app; from a web site where the web app is deployed. A software developer can write lots of web apps. A web app can be installed on lots of independent web sites. I don’t think this is the intention. The desired difference is between a human (“Application Owner”) who can complete a registration process, and a computer program (“Application”) that is configured with keys and secrets. It might be clearer to avoid the “Consumer Developer” term – perhaps saying that a Key and Secret must be obtained for a Consumer from the Service Provider. James Manger [email protected]<mailto:[email protected]> Identity and security team — Chief Technology Office — Telstra --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
