[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Oauth blog post

To: "ext SM" <sm@xxxxxxxxxxxx>, "Yaron Sheffer" <yaronf.ietf@xxxxxxxxx>, <ietf@xxxxxxxx>
Subject: RE: Oauth blog post
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@xxxxxxx>
Date: Sun, 29 Jul 2012 11:14:58 -0700
Delivered-to: ietf@xxxxxxxxxxxxxx
Thread-index: Ac1tthB24Z6oQOqmRg+jcL4cpUQqOw==
Thread-topic: Oauth blog post

We are going to respond to Eran's blog post. We would like to respond with some real content instead of vague statements.

I would find it useful if anyone of you who likes to agree or disagree to have at least read the OAuth specification. I had noticed that many of those who share their valuable thoughts have not even spent the time to look at the document.

Hannes

Sent from my Windows Phone

From: ext SM
Sent: 7/29/2012 8:23 AM
To: Yaron Sheffer; ietf@xxxxxxxx
Subject: Re: Oauth blog post

Hi Yaron,
At 05:52 AM 7/29/2012, Yaron Sheffer wrote:
>this blog post (
>http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/)
>by the editor of OAuth 2.0 made the rounds of
>the geek news outlets: Slashdot, CNet etc. I am
>sure many people on this list have seen it. But
>I have seen no reactions on this list, nor on
>the SAAG list. Is this too unimportant to
>discuss? Is there nothing we, as an organization, can learn from it?

OAuth2 is more within Apps than SAAG. People
discuss about topics they are interested instead
of what you or I would consider as important. I
don't know whether the IETF learns anything from
its failures. It can always redefine failure so
that it becomes known as success. :-)

It is to Eran's credit that he did not seek all
the credit when he could have done so. What I
could learn from that is that "doing the right
thing" will be forgotten when it is convenient to
do so. The WG Chairs did something unusual to
try and resolve the situation. That's in the
mailing list archive for anyone to read if the
person thinks that it is important.

I'll highlight the following:

   "[the] working group at the IETF started with
strong web presence. But as the
    work dragged on (and on) past its first year,
those web folks left along with
    every member of the original 1.0 community.
The group that was left was largely
    all enterprise? and me."

It's not the first time that this occurs. It is
up to the IETF to assess whether it is detrimental to have such an outcome.

Regards,
-sm

Prev by Date: Re: Oauth blog post
Next by Date: Re: Oauth blog post
Previous by thread: Re: Oauth blog post
Next by thread: Re: Oauth blog post
Index(es):
- Date
- Thread

[IETF Annoucements] [IETF Obscurity Interest] [IETF] [IP Storage] [Yosemite News] [Linux] [Pilates] [Linux SCTP] [Linux Newbies] [Fedora Users]