I was surprised that this announcement didn't garner more commentary
from the list here, as this decision worries me a little bit. There are
a lot of components of the OAuth protocol that aren't stabilized into a
real standard yet, and I'm worried that the Facebook implementation of
"OAuth 2.0" will become the de-facto standard before the IETF group can
come up with something final. 

Is Facebook committed to tracking the spec in its development? If so,
where does that put developers that need to change their libraries as
the underlying spec changes? If not, where does that leave the official
OAuth spec?

I will say that I am absolutely *thrilled* to see Facebook at the table,
and Luke and David have done some great work here. I am ecstatic that
Facebook is pushing away from a proprietary stack into an open standard
at all. Even so, I can't help but fear that we'll end up in a situation
where the largest vendor's extensions and quirks become better supported
than the real standard, like with HTML and CSS.

 -- Justin


On Wed, 2010-04-21 at 16:05 -0400, Greg Brail wrote:
> Whoa, it was!
> 
>  
> 
> So, does anyone know what Facebook is planning to do when the spec
> changes, which I assume it's going to keep doing for a while? 
> 
>  
> 
> I mean, the part of the spec that they're describing on the page has
> been pretty stable, but if I were building an app for the Facebook
> platform I'd be wondering.
> 
>  
> 
> From:[email protected] [mailto:[email protected]] On Behalf
> Of Allen Tom
> Sent: Wednesday, April 21, 2010 3:01 PM
> To: OAuth WG
> Subject: [OAUTH-WG] New service provider that supports OAuth 2.0
> 
> 
>  
> 
> Well that was fast!
> 
> http://developers.facebook.com/docs/authentication/
> 
> Allen
> 
> 


_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to