I’ve submitted my draft of XYZ as an ID:
https://tools.ietf.org/html/draft-richer-transactional-authz-00
— Justin
On May 6, 2019, at 3:43 PM, Justin Richer
mailto:jric...@mit.edu>> wrote:
In a vein related to Torsten’s recent thread and blog post, I’ve also been
working on a proposal around
OAuth 2 is definitely not going anywhere any time soon. It solves a suite of
problems really well, in a way that developers can get right more often than
not. Even so, I think it’s time to start looking toward what’s next. It’s not
up to me whether this deserves the OAuth branding or not, but I
OAuth 2.0 has its merits and will be around for the next 20 years or so;
yet we're bumping into its limitations every day if not only for its
complexity and the incomprehensibility for regular IT peeps that don't have
the full historical background; support for transactions is obviously
missing
In a vein related to Torsten’s recent thread and blog post, I’ve also been
working on a proposal around Transactional OAuth. As many of you know, I wrote
a blog post about the basic idea last fall, and now I’ve got something a bit
more concrete online that people can poke around with. I’m
