Tav's Blog » OAuth 3.0: The Sane and Simple Way To Do ItI'm a big fan of OAuth and I've done my fair share of promoting it — from writing various open source client libraries to implementing services using it. However, the OAuth 2.0 spec is a bit of a mess. It's overly prescriptive and, given that there isn't a single conformant implementation by a major service provider, perhaps too complex for even the big boys. Take Facebook. They boldly claim OAuth
