I certainly don't think it's dead - Eran makes some important points and the current 2.0 spec has certainly dragged a long time to get final. The biggest concern is fragmentation between implementations - the suggestion of using a concrete instantiation (e.g. Facebook) only take you so far.
The IETF group is still a legitimate body, with a legitimate process - however given the nature of the criticisms and who they come from, I'd hope someone from that group steps forward and outlines a response and -- for the legitimate comments perhaps an evolutionary path. There are also some other potential efforts to monkey patch oAuth 1.0a - eg. see: http://news.ycombinator.com/item?id=4294959, but who knows where these will go. I wouldn't call oAuth dead - it's the best pattern we have for this kind of thing, but there's certainly a danger of fragmentation right now. steve. On Jul 29, 2012, at 6:24 AM, André Fiedler wrote: > OAuth 2.0 and the Road to Hell: > http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/ > > > 2012/4/15 Hannes Tschofenig <[email protected]> > You can subscribe to the IETF OAuth mailing list here: > http://datatracker.ietf.org/wg/oauth/charter/ > > (On the left side you can find the links to the subscribe page as well as to > the archive. If you look at the archive at > http://www.ietf.org/mail-archive/web/oauth/current/maillist.html you will > notice that there are "a few mails since May 2009...) > > On Mar 21, 2012, at 11:06 AM, André Fiedler wrote: > > > Ok, many thanks for your answers. So I will build upon OAuth (OAuth > > Provider) and hope this is the right step. > > > > 2012/3/21 Nat Sakimura <[email protected]> > > So it has moved on to IETF from oauth.org. > > > > Google, Facebook among others have been implementing OAuth 2.0 various > > revisions to this date. > > OAuth 2.0 in IETF is near its completion. > > > > Best, > > > > Nat > > > > > > On Tue, Mar 20, 2012 at 4:16 AM, SunboX <[email protected]> > > wrote: > > Last Blog-Post on oauth.net is from may 2009. All php libraries are > > sleeping since one year (http://code.google.com/p/oauth-php/source/ > > list). > > Who did see OAuth 2.0 somewhere? > > > > Is OAuth death? > > > > -- > > You received this message because you are subscribed to the Google Groups > > "OAuth" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group at > > http://groups.google.com/group/oauth?hl=en. > > > > > > > > > > -- > > Nat Sakimura (=nat) > > Chairman, OpenID Foundation > > http://nat.sakimura.org/ > > @_nat_en > > > > > > -- > > You received this message because you are subscribed to the Google Groups > > "OAuth" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group at > > http://groups.google.com/group/oauth?hl=en. > > > > > > -- > > You received this message because you are subscribed to the Google Groups > > "OAuth" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group at > > http://groups.google.com/group/oauth?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "OAuth" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/oauth?hl=en. > > > > -- > You received this message because you are subscribed to the Google Groups > "OAuth" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/oauth?hl=en. -- You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
