On 12/10/2009 6:22 AM, Raffi Krikorian wrote:
we're not making any fundamental changes to oauth - your apps should
continue to work fine.
the changes that we are making involve implementing
this will allow applications to obtain oauth tokens for a user given
the user's username / password.
okay, forgive me if I'm wrong, but wasn't the whole point of oAuth that
the application didn't need to know the username/password? That the
user would grant access to the application and then the application
would store that rather than the actual username/password. Or am I
missing the point of going to an oAuth system?