Hi Hannes, Do you think there will some sort of (semi?)formal response from the IETF group? I can understand that they might not want to, but some of the points made seem salient, the problem is/will become what recommendations go out to people what to implement.
We get that question very regularly from users, so we have our thinking caps on at the moment. steve. On Jul 29, 2012, at 2:59 PM, Hannes Tschofenig wrote: > Thanks for sharing your views, Steve. > > I agree with your statements below and it would indeed be strange if Eran > gets to decide that a technology dies (that is already widely implemented and > deployed). > > I would have liked to get the specification finished earlier myself and, > funny enough, Eran is also responsible for the delay (although not the only > person). > > > On Jul 29, 2012, at 2:38 PM, Steven WIllmott wrote: > >> >> I certainly don't think it's dead - Eran makes some important points and the >> current 2.0 spec has certainly dragged a long time to get final. The biggest >> concern is fragmentation between implementations - the suggestion of using a >> concrete instantiation (e.g. Facebook) only take you so far. >> >> The IETF group is still a legitimate body, with a legitimate process - >> however given the nature of the criticisms and who they come from, I'd hope >> someone from that group steps forward and outlines a response and -- for the >> legitimate comments perhaps an evolutionary path. >> >> There are also some other potential efforts to monkey patch oAuth 1.0a - eg. >> see: http://news.ycombinator.com/item?id=4294959, but who knows where these >> will go. >> >> I wouldn't call oAuth dead - it's the best pattern we have for this kind of >> thing, but there's certainly a danger of fragmentation right now. >> >> steve. >> >> >> On Jul 29, 2012, at 6:24 AM, André Fiedler wrote: >> >>> OAuth 2.0 and the Road to Hell: >>> http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/ >>> >>> >>> 2012/4/15 Hannes Tschofenig <[email protected]> >>> You can subscribe to the IETF OAuth mailing list here: >>> http://datatracker.ietf.org/wg/oauth/charter/ >>> >>> (On the left side you can find the links to the subscribe page as well as >>> to the archive. If you look at the archive at >>> http://www.ietf.org/mail-archive/web/oauth/current/maillist.html you will >>> notice that there are "a few mails since May 2009...) >>> >>> On Mar 21, 2012, at 11:06 AM, André Fiedler wrote: >>> >>>> Ok, many thanks for your answers. So I will build upon OAuth (OAuth >>>> Provider) and hope this is the right step. >>>> >>>> 2012/3/21 Nat Sakimura <[email protected]> >>>> So it has moved on to IETF from oauth.org. >>>> >>>> Google, Facebook among others have been implementing OAuth 2.0 various >>>> revisions to this date. >>>> OAuth 2.0 in IETF is near its completion. >>>> >>>> Best, >>>> >>>> Nat >>>> >>>> >>>> On Tue, Mar 20, 2012 at 4:16 AM, SunboX <[email protected]> >>>> wrote: >>>> Last Blog-Post on oauth.net is from may 2009. All php libraries are >>>> sleeping since one year (http://code.google.com/p/oauth-php/source/ >>>> list). >>>> Who did see OAuth 2.0 somewhere? >>>> >>>> Is OAuth death? >>>> >>>> -- >>>> You received this message because you are subscribed to the Google Groups >>>> "OAuth" group. >>>> To post to this group, send email to [email protected]. >>>> To unsubscribe from this group, send email to >>>> [email protected]. >>>> For more options, visit this group at >>>> http://groups.google.com/group/oauth?hl=en. >>>> >>>> >>>> >>>> >>>> -- >>>> Nat Sakimura (=nat) >>>> Chairman, OpenID Foundation >>>> http://nat.sakimura.org/ >>>> @_nat_en >>>> >>>> >>>> -- >>>> You received this message because you are subscribed to the Google Groups >>>> "OAuth" group. >>>> To post to this group, send email to [email protected]. >>>> To unsubscribe from this group, send email to >>>> [email protected]. >>>> For more options, visit this group at >>>> http://groups.google.com/group/oauth?hl=en. >>>> >>>> >>>> -- >>>> You received this message because you are subscribed to the Google Groups >>>> "OAuth" group. >>>> To post to this group, send email to [email protected]. >>>> To unsubscribe from this group, send email to >>>> [email protected]. >>>> For more options, visit this group at >>>> http://groups.google.com/group/oauth?hl=en. >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "OAuth" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/oauth?hl=en. >>> >>> >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "OAuth" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/oauth?hl=en. >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "OAuth" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/oauth?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "OAuth" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/oauth?hl=en. > -- You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
