oauth 2.0

OAuth 2.0 leader resigns, says standard is 'bad'

OAuth 2.0 promised to improve authentication on the Net, but its author has resigned from the project after concluding the standard "is a bad protocol."

"When compared with OAuth 1.0, the 2.0 specification is more complex, less interoperable, less useful, more incomplete, and most importantly, less secure," Eran Hammer-Lahav said in a blog post yesterday. "I resigned my role as lead author and editor, [withdrew] my name from the specification, and left the working group...Deciding to move on from an effort I have led for over five years was agonizing." … Read more

Originally posted at Internet & Media

July 27, 2012 1:37 AM PDT By Stephen Shankland

Topics:

Corporate and legal

Tags:

standards,

OAuth,

OAuth 2.0