The existence and uptake of Oauth annoys me, because all those developers working on it and using it are all too retarded to notice that SSL can already do everything needed just by making it normal to store signed client certs (even browsers can do that, it just isn't normal practice).
That would then identify the client/API-script/browser to the server without israeling around with the HTTP request itself.
SithEmpire 0 points 1.8 years ago
The existence and uptake of Oauth annoys me, because all those developers working on it and using it are all too retarded to notice that SSL can already do everything needed just by making it normal to store signed client certs (even browsers can do that, it just isn't normal practice).
That would then identify the client/API-script/browser to the server without israeling around with the HTTP request itself.