undefined | Better HN

0 pointspjzedalis13y ago0 comments

Have you ever tried to write an interoperable authentication system using Active Directory? I'm particularly thinking of the UDP LDAP query and the multiple-byte-order (little-endian and big-endian!) response.

That doesn't disprove my point. Just because you don't like their approach doesn't mean they don't get points for having an approach. So far oAuth is vaporware and not consistent in almost every implementation yet still effective because it's just an idea.

Because it doesn't really work unless everybody does it the same way.

I disagree. It's not hard to adapt to using oAuth+Twists for a given provider. It's not like it's some secret handshake nobody knows and you can't get into the cult meeting. It's just signing data and exchanging tokens. We don't need a universal standard. We need a universal understanding of the problem we are trying to accomplish and various recommendations for how you might solve it. I think the work on oAuth is already complete.

0 comments

mcguire13y ago

"It's not hard to adapt to using oAuth+Twists for a given provider."

I'm not sure, but I suspect that might actually be my point.

j / k navigate · click thread line to collapse

0 pointspjzedalis13y ago0 comments

Because it doesn't really work unless everybody does it the same way.