[WG-UMA] OAuth 2.0 and the Road to Hell

John Bradley ve7jtb at ve7jtb.com
Sat Jul 28 14:50:53 EDT 2012


I put up a blog post this morning.   http://www.thread-safe.com/2012/07/the-oauth-2-sky-is-not-falling.html

John B.
On 2012-07-28, at 11:43 AM, Salvatore D'Agostino wrote:

> John,
>  
> Glad to hear the good with the bad.
>  
> Thanks,
> Sal
>  
> From: John Bradley [mailto:ve7jtb at ve7jtb.com] 
> Sent: Saturday, July 28, 2012 1:00 PM
> To: Salvatore D'Agostino
> Cc: 'Eve Maler'; 'Alam'; 'UMA WG WG'
> Subject: Re: [WG-UMA] OAuth 2.0 and the Road to Hell
>  
> Get a grip people.  The sky is not falling.   Life is good.
>  
> The OAuth workgroup has been making excellent progress closing the open issues.
>  
> We are now finishing the instructions for the RFC editor.  The spec has been completed in the last several months since the chairs removed the editor's ability to block progress.
>  
> I don't hink it would have been in UMA's interest to support only confidential clients with only MAC tokens.   It is true that protocols using OAuth 2 need to define there security models and profile the spec as UMA has.   This is normal,  nothing has changed except that OAuth is making progress again.
>  
> John B.
>  
> On 2012-07-28, at 9:45 AM, Salvatore D'Agostino wrote:
> 
> 
> Hi Eve,
>  
> Been lurking and seen this all come to pass as well.
>  
> Assume that the bad part is that Eran is right and that OAuth 2 is less likely the building block we looked to build on?
>  
> Regards,
>  
> Sal
>  
> From: wg-uma-bounces at kantarainitiative.org [mailto:wg-uma-bounces at kantarainitiative.org] On Behalf Of Eve Maler
> Sent: Friday, July 27, 2012 8:26 PM
> To: Alam
> Cc: UMA WG WG
> Subject: Re: [WG-UMA] OAuth 2.0 and the Road to Hell
>  
> Sigh. This is an extraordinarily unhelpful blog post. Dick Hardt's comment late in the thread captures some of the frustration around Eran's position and actions...
>  
>             Eve
>  
> On 27 Jul 2012, at 8:44 AM, Alam <alamjan at gmail.com> wrote:
> 
> 
> 
> Hi All,
> 
> "They say the road to hell is paved with good intentions. Well, that’s OAuth 2.0. "  Eran Hammer
> for more ...
> 
> http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/
> 
> Cheers,
> Alam
> _______________________________________________
> WG-UMA mailing list
> WG-UMA at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-uma
>  
> 
> Eve Maler                                  http://www.xmlgrrl.com/blog
> +1 425 345 6756                         http://www.twitter.com/xmlgrrl
> 
> 
> 
>  
> _______________________________________________
> WG-UMA mailing list
> WG-UMA at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-uma

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/wg-uma/attachments/20120728/439649aa/attachment-0001.html 


More information about the WG-UMA mailing list