[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] This is a job for... OAuth...
|It looks like it is a reply to something.|
However if it's not, I will do my best to decipher it.
An Oauth permissioning step can be preformed by the user so the FTP client has an access token in advance.
The Oauth protected service endpoint can redirect the client to a URI where it could get a token in some manner. The credentials used for that are up two the two parties and can be a PKI based or some other thing.
If the user permissions the Oauth endpoint in advance. the user doesn't need to be involved in the token interaction.
This is sort of what the ID-WSF interaction and discovery services are about.
You may want to look there for a "better designed" oAuth.
On 20-Sep-08, at 11:51 AM, email@example.com wrote: