Why OAuth is Not Used

From The Socknet

Jump to: navigation, search

The Socknet does not use OAuth, although it was considered.

The OAuth Core documentation makes it clear that OAuth is designed to enable websites to contact each other according to some prior registration process:

4.3. Consumers
The Consumer Developer MUST establish a Consumer Key and a Consumer Secret with the Service Provider. The Consumer Developer MAY also be required to provide additional information to the Service Provider upon registration.

http://oauth.net/core/1.0/

The Socknet was designed with the principle that there must be no prior contact required between participants.

This prior knowledge is a major part of OAuth. Even though it is possible to avoid this feature and still use OAuth, another mechanism must be used in its place, so avoiding it makes OAuth superfluous to the Socknet.

For this reason, the Socknet was designed with no regard for OAuth.

Retrieved from "http://www.socknet.net/w/Why_OAuth_is_Not_Used"
Personal tools