OAuth 2.0 Standard Editor Quits, Takes Name Off Spec

New submitter tramp writes "The Register reports, 'Eran Hammer, who helped create the OAuth 1.0 spec, has been editing the evolving 2.0 spec for the last three years. He resigned from his role in June but only went public with his reasons in a blog post on Thursday. "At the end, I reached the conclusion that OAuth 2.0 is a bad protocol," Hammer writes. "WS-* bad. It is bad enough that I no longer want to be associated with it."' At the end of his post, he says, 'I think the OAuth brand is in decline. This framework will live for a while, and given the lack of alternatives, it will gain widespread adoption. But we are also likely to see major security failures in the next couple of years and the slow but steady devaluation of the brand. It will be another hated protocol you are stuck with.'"

Re:WordStar?

Oh please, you arrogant twats.
This web services sector is such a huge over-engineered mess of enterprisey consultant circle-jerking,
I'm actually *proud* I'm not having any relationship with it.

In practice, it's one of the dumbest things out there.
Because it's mostly protocols based on XML over HTTP over TCP over IP, when a direct binary markup TCP protocol would have done it, and usually already existed decades before.

Add Java "frameworks" in the spirit of EJB to web services, and you got a consultant's wet dream. (Hint: It will contain lots money.)