I was thinking the same.

On Thu, Dec 10, 2009 at 9:33 AM, John Meyer <john.l.me...@gmail.com> wrote:

> On 12/10/2009 6:22 AM, Raffi Krikorian wrote:
>
>> we're not making any fundamental changes to oauth - your apps should
>> continue to work fine.
>>
>> the changes that we are making involve implementing
>>
>> http://tools.ietf.org/html/draft-dehora-farrell-oauth-accesstoken-creds-00#section-4
>> .
>>  this will allow applications to obtain oauth tokens for a user given
>> the user's username / password.
>>
>>
>>
>
>
> okay, forgive me if I'm wrong, but wasn't the whole point of oAuth that the
> application didn't need to know the username/password?  That the user would
> grant access to the application and then the application would store that
> rather than the actual username/password.  Or am I missing the point of
> going to an oAuth system?
>

Reply via email to