On 23 Feb 2009, at 15:31, Scott Wilson wrote: > Because many widgets are small local applications offered for remote > services that use different user accounts, oAuth is a very important > and relevant technology. Which is why, for example, it has been a > major task in the oAuth and OpenSocial/Gadgets community to > integrate the technology. > ((Note also that last I heard oAuth was going to IETF for > standardisation)) See: http://www.ietf.org/mail-archive/web/oauth/current/msg00085.html https://datatracker.ietf.org/meeting/74/agenda.html I guess my question is mostly what part of oauth would likely be in scope for a widget spec. My sense is that the likeliest point of interaction could be a hand-off mechanism between browser and widget to enable a browser-based OAuth authorization decision outside the widget itself. That sounds like it could be added later. I also suspect that the specification that is going to be most relevant for combining OAuth and Widgets is going to be XMLHttpRequest level 2.
Received on Saturday, 28 February 2009 21:36:05 UTC