Regarding OAuth2 it should be noted that one person quit the OAuth2 board/spec i... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

martinced on Feb 20, 2013 | parent | context | favorite | on: How we hacked Facebook with OAuth2 and Chrome bugs

Regarding OAuth2 it should be noted that one person quit the OAuth2 board/spec in disgust saying how lame and insecure the whole thing was.

And nobody listened to him. And he was right.

Some things are too complex to ever be secure and OAuth2 seems to be one of these things.

6cxs2hd6 on Feb 20, 2013 [–]

> one person

The lead author and editor, Eran Hammer.

http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell...

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact