On Fri, Mar 12, 2010 at 12:42 PM, David Recordon <[email protected]> wrote: > Was catching up with Raffi from Twitter yesterday and he pointed me > to http://mehack.com/oauth-echo-delegation-in-identity-verificatio. PDF > also attached.
My read is that this is basically creating temporary passwords for users. It works well when if all of the twitter relying parties trust each other. It doesn't work if they don't trust each other (in the same way that sharing passwords with sites that don't trust each other is bad.) Have I understood it properly? Cheers, Brian _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
