Folks-- Sorry for the intrusion, but this seemed the community best positioned to respond to this query. I'm interested to talk to security architects and application architects in organizations that have informed opinions on the "client-server" pattern of OAuth as an enterprise web services security technique, either because:
- You currently use it with full forethought - You currently see ad-hoc usage of it in your org - You are considering using it for some use cases - You have considered and rejected it Any or all of the 2.0 MAC pattern, 1.0a usage, plain old app-to-app protection, mobile use cases, etc. are fair game. Feel free to drop me a note at e...@xmlgrrl.com or ema...@forrester.com, or ping me on Twitter (use the hashtag #Forr2Legs to catch my attention fastest), or write in here if you like: http://forr.com/FORRblog_OAuth Feel free to forward this to folks you know who might be interested to respond. Thanks in advance, Eve Eve Maler http://www.xmlgrrl.com/blog +1 425 345 6756 http://www.twitter.com/xmlgrrl _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth