If beta for you guys means "still in testing, not suitable for production use", then why depreciate key features from basic auth like source registration before you have a production ready release?
On Apr 22, 3:27 pm, Alex Payne <[email protected]> wrote: > http://blog.twitter.com/2009/04/whats-deal-with-oauth.html > > In short: there's a security issue with OAuth, and the major OAuth > providers are working together to patch the vulnerability before > information about the issue is publicly released. That information > will be available athttp://oauth.net/at midnight, PST. > > In cooperation with this consortium of other OAuth providers > (including Yahoo!, Google, Netflix, etc.), we agreed not to disclose > the nature of the vulnerability, nor even that a vulnerability > existed, until all members of the group agreed to do so. I apologize > for what must have seemed unnecessarily tight-lipped communication > around this issue, but please understand that we and the other > companies involved are trying to mitigate the impact of this > vulnerability as much as possible. > > Please also note that our OAuth support is in beta, albeit public > beta. We have not suggested to developers that they rely solely on > OAuth until our support of the standard leaves beta. I know that some > companies practice a policy of "perpetual beta", but at Twitter, we do > not. For us, "beta" really means "still in testing, not suitable for > production use". > > Thanks for your patience and understanding. > > -- > Alex Payne - API Lead, Twitter, Inc.http://twitter.com/al3x
