On 11/11/14, 2:40 PM, Hannes Tschofenig wrote:
I was unable to attend the UTA meeting today but I had a chance to look
at the slides.
To my surprise I had to notice that the authors have re-created a number
of mechanisms we created in OAuth.
I am wondering whether the authors are aware of this or whether this
re-design (with just minor variations) is intentional.
In either case it isn't great and I encourage the authors to take a look
at already ongoing efforts.
Well, OAuth is just Kerberos for the Web, right? ;-)
It *could* be (I haven't looked at the slides) that the same underlying
pattern from Kerberos and OAuth/OAuth2 can be applied to UTA in new and
different and interesting ways.
But in general I'd agree that it's a bit early to be building something
completely new, given that OAuth is of recent vintage.
Peter
--
Peter Saint-Andre
https://andyet.com/
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
