Yes, this is the story. Sorry for including the wrong link. We can find out what the issue was but that wasn't necessarily my point.
The problem is that there is unfortunately little understanding about the different layers and responsibilities involved. I think there is something to write about and I will compile a first draft. Ciao Hannes On 12/01/2014 06:51 PM, John Bradley wrote: > Hannes, > > I think this may be the link you were trying to share. > http://www.cbc.ca/m/touch/news/story/1.2844953 > > I suspect the problem was the profile ID leaking via a ad rather than > anything to do with OAuth > as she never logged in. > > John B. > > >> On Dec 1, 2014, at 1:25 PM, Hannes Tschofenig <hannes.tschofe...@gmx.net> >> wrote: >> >> Hi all, >> >> I fear we have to write another article to clarify what OAuth does and >> what it does not do based on the misinformation spread with this recent >> article: >> http://www.techopedia.com/definition/26694/oauth >> >> A quote from that article: >> " >> Graham Williams, a Vancouver-based technology expert, points to what is >> known as an "open authentication protocol" — or OAuth — where people >> often unwittingly share personal information with third-party websites. >> " >> >> Ciao >> Hannes >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
