On Apr 24, 5:20 pm, Luca Mearelli <luca.meare...@gmail.com> wrote: > I'd say that if the application has the concept of an identity it > should be a sensible practice to generate it beforehand and educate > its users to recognize it (it would work as an anti-phishing measure).
Isn't it better to spend the time and effort educating users on when to give access to third party applications and when to deny it? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---