> > The problem here is distinguishing the two. OAuth doesn't (and I was
> > told this by one of the people on the OAuth committee) specifically
> > allow you to unambiguously and securely identify an application just
> > because it has a certain app key
> Huh? Can you translate this into either English or pseudo-code? I fill
> out a form. The app gets a name, which must be unique. And I choose
> between a desktop exclusive-or server app (PIN workflow exclusive-or
> callback workflow) with a radio button.  I get a consumer key and
> consumer secret, also, I'm assuming, unique.

Didn't we just get done with a thread where people complained, correctly,
that a desktop app containing a consumer key/secret can't keep those
things secret?

------------------------------------ personal: http://www.cameronkaiser.com/ --
  Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com
-- Of course, what I really want is total world domination. -- Linus Torvalds -

Reply via email to