1. Home
  2. Forums Index
  3. WebmasterWorld / Webmaster General 10:47 am May 21, 2026

Forum Moderators: phranque

Message Too Old, No Replies

OAuth's 2.0 Leader Resigns Over It Being "a bad protocol"

         

engine

5:54 pm on Jul 27, 2012 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



That's rather worrying. It cannot afford to be a bad protocol, imho.

OAuth's 2.0 Leader Resigns Over It Being "a bad protocol" [news.cnet.com]
OAuth 2.0 promised to improve authentication on the Net, but its author has resigned from the project after concluding the standard "is a bad protocol."

"When compared with OAuth 1.0, the 2.0 specification is more complex, less interoperable, less useful, more incomplete, and most importantly, less secure," Eran Hammer-Lahav said in a blog post yesterday. "I resigned my role as lead author and editor, [withdrew] my name from the specification, and left the working group...Deciding to move on from an effort I have led for over five years was agonizing."

g1smd

5:59 pm on Jul 27, 2012 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



If the person "in charge" can't get things going in the right direction, who the heck can?

bill

2:43 am on Jul 30, 2012 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I haven't kept up with OAuth lately. Are the implementations run by the big guys on this new 2.0?
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Webmaster General 10:47 am May 21, 2026