On 12/10/2009 6:22 AM, Raffi Krikorian wrote:
we're not making any fundamental changes to oauth - your apps should
continue to work fine.

the changes that we are making involve implementing
http://tools.ietf.org/html/draft-dehora-farrell-oauth-accesstoken-creds-00#section-4.
  this will allow applications to obtain oauth tokens for a user given
the user's username / password.



okay, forgive me if I'm wrong, but wasn't the whole point of oAuth that the application didn't need to know the username/password? That the user would grant access to the application and then the application would store that rather than the actual username/password. Or am I missing the point of going to an oAuth system?

Reply via email to