On 28/03/2012 1:18 AM, Roy Smith wrote:
In article
<7909491.0.1332826232743.JavaMail.geo-discussion-forums@pbim5>,
Demian Brecht <demianbre...@gmail.com> wrote:
OAuth 2.0 is still in draft status (draft 25 is the current one I believe)
and yes, unfortunately every single server available at this point have
varying degrees of separation from the actual spec. It's not a
pseudo-standard, it's just not observed to the letter. Google is the closest
and Facebook seems to be the farthest away (Stack Exchange is in close second
due to building theirs to work like Facebook's).
In practice, OAuth is all about getting your site to work with Facebook.
That is all most web sites care about today because that's where the
money is. The fact that other sites also use OAuth is of mostly
academic interest at this point.
The next player on the list is Twitter, and they're not even up to using
their own incompatible version of OAuth 2.0. They're still using OAuth
1.0 (although, I understand, they're marching towards 2.0).
Almost all "social" or "sharing" sites implement OAuth - either 1.0 or
2.0. Facebook is clearly the big winner here but not the only player.
It's also used extensively by google (eg, even their SMTP server
supports using OAuth credentials to send email)
I'd go even further - most sites which expose an API use OAuth for
credentials with that API.
Mark
--
http://mail.python.org/mailman/listinfo/python-list
