On Thu, Jul 15, 2010 at 11:36 AM, Eran Hammer-Lahav <e...@hueniverse.com> wrote: > Framing the argument against "having a 2 in it" as bikeshedding is missing > the point. My reason against using OAuth2 is that is will undermine all the > work put in to build an extensible framework that can evolve without needing > a whole new version. By putting a version number, we make it more attractive > to change the protocol than extend it.
Sure, but clearly there is no evolution from OAuth 1 to OAuth 2. If the next version of OAuth is an evolution of OAuth 2 then it probably should not be called OAuth 3 but rather OAtuh 2.1 and then header and parameter names can be kept the same. At some point a new revolution will be needed and then OAuth 3 is appropriate, as well as new header and parameter names. Marius _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
