The advantage to the end user of oAuth is that the client application doesn't need the user's password anymore, the user's passwords are exchanged ONLY with twitter, and cannot be sniffed/stored/whatever by the client application. There is a very strong security advantage.
On Mon, May 18, 2009 at 7:30 AM, H.Hiro(Maraigue) <[email protected]>wrote: > > Hello, > > I COULD NOT UNDERSTAND why Twitter so much encourages OAuth, in spite > of costing API users. > > I read the section "What Does OAuth Give Me? (a.k.a. Why Bother?)" of > this article: > http://apiwiki.twitter.com/OAuth+Example+-+Ruby , > but I could not find what is the advantage of using OAuth *for client- > software makers* . > > Client softwares must know end-users'(i.e. account holders') login > names and passwords, so I think there aren't more advantage of using > OAuth than basic-auth. >
