Lead Developer Leaves OAuth 2.0 Project

Tuesday Jul 31st 2012 by Developer.com Staff
Share:

Eran Hammer calls the specification "a bad protocol."

For three years, Eran Hammer has been the lead author and editor of the OAuth 2.0 authentication specification, but no longer. Hammer said the spec is “a bad protocol… bad enough that I no longer want to be associated with it.” He added that it is “more complex, less interoperable, less useful, more incomplete, and most importantly, less secure” than OAuth 1.0, primarily because "enterprise" participants in the project are making the standard unnecessarily complicated.

What should developers do? Hammer advised, “If you are currently using 1.0 successfully, ignore 2.0. It offers no real value over 1.0.”

Despite Hammer's departure, the Internet Engineering Task Force (IETF) will continue to oversee the development of OAuth 2.0.

View article

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved