On Thu, Apr 23, 2009 at 7:37 AM, Chris Messina <[email protected]> wrote: > To add to this perspective, OpenID is an assertion or identity protocol > whereas OAuth is designed as an access or authorization protocol. ... > That said, OAuth for Twitter authentication is okay, if you only ever want > to authenticate Twitter users. ...
Yes, we could say that an authorization delegation protocol might be used to identify a user by exchanging authorization for the access to a user-identifying end point (which is more or less what OAuth for Twitter authentication). I'm still thinking if this could or could not be extended to become a federated identity system (not that we need it, there's already OpenID for that!) Luca Mearelli --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
