On 4/23/09 9:26 PM, Brian Eaton wrote: > That's not a good user experience, nor is it necessary to fix the > security problems in the protocol.
Let me say it another way: yanking support for OAuth in response to security issues is even worse user experience. Define the spec. such that it is sufficiently secure, then in future revisions work hard to pare it down to what is necessary and sufficient in order to improve the user experience. -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---