Aaron Parecki

55°F

Wednesday, October 6, 2021

Farasath Ahamed https://twitter.com/farazath619 • Oct 6
Noticed that the resource owner password and implicit grants are removed from the 2.1 (For obvious reasons :))

But doesn't that make the OAuth 2.1 framework backward incompatible with OAuth 2.0?

OAuth 2.1 kind of gives the feeling its a slight(minor) change from OAuth 2.0

Password and Implicit are already not part of OAuth 2.0 as described by the Security Best Current Practice. The 2.1 update is leaving them out so that you don't have to first learn about them and then read another doc telling you not to use them.

Portland, Oregon, USA • 48°F

3 likes 3 replies

Wed, Oct 6, 2021 8:17am -07:00
Farasath Ahamed https://twitter.com/farazath619 • Oct 6
Thanks @aaronpk for the clarification 👍
So OAuth 2.1 is essentially OAuth 2.0 without the naughty bits :)

That's one way to say it 😂😂😂

Portland, Oregon, USA • 48°F

2 likes

Wed, Oct 6, 2021 8:21am -07:00
Farasath Ahamed https://twitter.com/farazath619

Thanks @aaronpk for the clarification 👍
So OAuth 2.1 is essentially OAuth 2.0 without the naughty bits :)

Portland, Oregon • 49°F

Wed, Oct 6, 2021 3:20pm +00:00 (liked on Wed, Oct 6, 2021 8:25am -07:00)
Join me and @vibronet tomorrow for another OAuth Happy Hour! This week seems like a good week to talk about what happens when "Sign In with Facebook" is down.

📅 Oct 7 4pm Pacific

https://www.youtube.com/watch?v=B3a3-JV-dl0

Portland, Oregon, USA • 51°F

9 likes 1 mention

Wed, Oct 6, 2021 9:28am -07:00 #oauth
garon🧟‍♂️ https://twitter.com/geemart_

Whoa so people selling jpegs on the internet for thousands of dollars turned out to be a scam? Crazy stuff.

Portland, Oregon • 53°F

Tue, Oct 5, 2021 6:34pm +00:00 (liked on Wed, Oct 6, 2021 10:32am -07:00)
What would a EvE online Internet look like? (blog.benjojo.co.uk)

Wed, Oct 6, 2021 11:10am -07:00 #bgp
Playing battleships over BGP (blog.benjojo.co.uk)

Wed, Oct 6, 2021 11:11am -07:00 #bgp #internet #networking
PDX NEXT - PDX construction 101: What’s happening at your local airport, explained (pdxnext.com)

Wed, Oct 6, 2021 12:26pm -07:00 #pdx #airport #travel
Chapter 24.75 Uniform Building Address System | Portland.gov (www.portland.gov)

Wed, Oct 6, 2021 2:53pm -07:00 #pdx #construction
Pinboard https://twitter.com/Pinboard

But this is also an indictment of the web. Why did we let it basically turn into TV? Where's the outlet for talented young people who want to turn the world upside down, but don't care to sign on to the giant scam that is cryptocurrency? We don't have a good answer for them.

Portland, Oregon • 59°F

Wed, Oct 6, 2021 10:56pm +00:00 (liked on Wed, Oct 6, 2021 4:02pm -07:00)
Pinboard https://twitter.com/Pinboard

I've been in mostly violent agreement with @smdiehl and others who call out cryptocurrency and its descendants for what they are—an end run around financial regulation at best, a massive fraud at worst. We all agree it makes no sense as a technology. But one thing worries me:

Portland, Oregon • 59°F

Wed, Oct 6, 2021 10:45pm +00:00 (liked on Wed, Oct 6, 2021 4:03pm -07:00)
Stephen Diehl https://twitter.com/smdiehl

First let's talk about what the NFT market actually is. Unlike buying bonds, equities, real estate, or actual art you're not buying something with any tangible existence, rights or utility. You're buying an expensive entry in someone else's database. (2/)

Portland, Oregon • 59°F

Wed, Oct 6, 2021 4:58pm +00:00 (liked on Wed, Oct 6, 2021 4:03pm -07:00)
Stephen Diehl https://twitter.com/smdiehl

Like all crypto scams, the essence of the NFT grift is in recruiting new believers by convincing them a blessed database is an authoritative registrar of value. Just like star naming the grift isn't about utility it's simply a shared delusion in a get rich quick scheme.

/fin

Portland, Oregon • 59°F

Wed, Oct 6, 2021 4:58pm +00:00 (liked on Wed, Oct 6, 2021 4:05pm -07:00)
Stephen Diehl https://twitter.com/smdiehl

Lets finally talk about how NFTs are a giant scam. (1/) 🧵

Portland, Oregon • 59°F

Wed, Oct 6, 2021 4:58pm +00:00 (liked on Wed, Oct 6, 2021 4:05pm -07:00)
Old maps of Portland (www.oldmapsonline.org)

Wed, Oct 6, 2021 4:19pm -07:00 #maps #portland #pdx #history
Shaunt https://twitter.com/shaun_vids

nft arguments are fun because you can be like lol people are spending thousands of dollars on intensely ugly lion avatars for zero reason & then some dude from higher up the pyramid will say um, actually, i make thousands of dollars selling ugly lion avatars. so it isn't funny

Portland, Oregon • 56°F

Tue, Oct 5, 2021 3:41pm +00:00 (liked on Wed, Oct 6, 2021 5:09pm -07:00)
Eoin Doyle https://twitter.com/eoindoyl

You can make a general remark about all NFTs and someone will be like "well what about Blimbletons? how do you explain the massive Blimbleton market?" and they're convinced anyone outside the NFT filter bubble knows anything they're talking about. I think that's great.

Portland, Oregon • 56°F

Tue, Oct 5, 2021 4:40pm +00:00 (liked on Wed, Oct 6, 2021 5:10pm -07:00)
foone https://twitter.com/Foone

But that venn diagram is getting closer to a circle every day and when it finally becomes one, we'll have reached thermodynamic equilibrium and no more money will be able to be extracted and it'll finally just GO AWAY

Portland, Oregon • 56°F

Sun, Oct 3, 2021 6:02pm +00:00 (liked on Wed, Oct 6, 2021 5:15pm -07:00)
foone https://twitter.com/Foone • Oct 3
god this post continues to be relevant. I've yet to block someone who is like UM ACTUALLY CRYTPYO IS GOOD ACTUALLY without them having their favorite crytypo in their name and all over their bio
https://twitter.com/Foone/status/1442846073316265984

I appreciate that you've misspelled all the words because otherwise my bot would have auto-blocked you by now and these threads continue to be just gold 😂

Portland, Oregon, USA • 56°F

1 like 1 reply

Wed, Oct 6, 2021 5:18pm -07:00
foone https://twitter.com/Foone

Proof of Work systems don't work when you can do work in zero time! clearly we can't depend on bunkchin crytypocurrentseas going forward as they are not resilient to atemporal computation attacks

Portland, Oregon • 56°F

Mon, Oct 4, 2021 6:09pm +00:00 (liked on Wed, Oct 6, 2021 5:19pm -07:00)
I like giving talks, but I hate writing talk abstracts! How do I fix this?

Portland, Oregon, USA • 55°F

12 likes 2 reposts 20 replies

Wed, Oct 6, 2021 5:37pm -07:00
John Allsopp https://twitter.com/johnallsopp

this is why I write a lot of the abstracts for speakers at our conferences! I know speakers often hate this bit the most!

Portland, Oregon • 55°F

Thu, Oct 7, 2021 12:38am +00:00 (liked on Wed, Oct 6, 2021 5:41pm -07:00)
John Allsopp https://twitter.com/johnallsopp • Oct 7
this is why I write a lot of the abstracts for speakers at our conferences! I know speakers often hate this bit the most!

wow that is next level! 💯

Portland, Oregon, USA • 55°F

1 like 4 replies

Wed, Oct 6, 2021 5:41pm -07:00
Gabe Cohen https://twitter.com/_gabecohen • Oct 7
https://www.copy.ai/

oh my god it's repeating sentences back to me that I've written in blog posts and other places online 😂

Portland, Oregon, USA • 55°F

4 likes 1 reply

Wed, Oct 6, 2021 5:47pm -07:00
John Allsopp https://twitter.com/johnallsopp • Oct 7
shoot it over and I'll write it for you! :-)

well now I'm trying to describe what I'm trying to write about and realizing that if I could do that well that would be the CFP 😅

Portland, Oregon, USA • 55°F

2 likes 2 replies

Wed, Oct 6, 2021 5:47pm -07:00
Aaron Parecki https://aaronparecki.com/ • Oct 6
oh my god it's repeating sentences back to me that I've written in blog posts and other places online 😂

oh but this sentence it made is gold:

"Developed for internal use at Google, OAuth is an elegant solution to making web services easy to use while keeping your private data private."

Portland, Oregon, USA • 55°F

2 likes 1 reply

Wed, Oct 6, 2021 5:50pm -07:00
Aaron Parecki https://aaronparecki.com/ • Oct 6
oh but this sentence it made is gold:

"Developed for internal use at Google, OAuth is an elegant solution to making web services easy to use while keeping your private data private."

this is so much more fun than writing this CFP:

"At the end of the day, OAuth is just a messaging protocol for communicating between services and users, and as such it's easy to grasp and non-controversial."

Portland, Oregon, USA • 55°F

3 likes 1 repost

Wed, Oct 6, 2021 5:54pm -07:00
At the end of the day, OAuth is just a way to communicate between services and users, and as such it's easy to grasp and non-controversial.

OAuth solved a universal problem – signing into a web site – and, in doing so, created a new problem: how does a site know it's really you?

Portland, Oregon, USA • 55°F

16 likes 4 reposts 1 reply

Wed, Oct 6, 2021 6:01pm -07:00 #oauth #ai
John Allsopp https://twitter.com/johnallsopp

what I usually say to speakers is a rough title and 3-4 bullet points of what you want to cover as a start-I think why it's challenging is folks try to "sell" the talk from the get go, rather than refine the focus, then worry about selling it

Portland, Oregon • 55°F

Thu, Oct 7, 2021 1:03am +00:00 (liked on Wed, Oct 6, 2021 6:07pm -07:00)
Not Fake Adam Kalsey https://twitter.com/akalsey • Oct 7
Give the same talk repeatedly.

I actually mostly do, but for this one I want to branch out and approach things differently

Portland, Oregon, USA • 55°F

1 reply

Wed, Oct 6, 2021 6:12pm -07:00
Jesse Vincent https://twitter.com/obra • Oct 7
Write the full talk, then train a neural net to summarize the transcript.

That would very likely get me a better result than feeding this AI 3 sentences and having it come up with comedy gold like this:

"OAuth is like having the Facebook app on your phone, but you are using the same password that you are using for everything else."

Portland, Oregon, USA • 55°F

2 likes

Wed, Oct 6, 2021 6:18pm -07:00
Jesse Vincent https://twitter.com/obra

Write the full talk, then train a neural net to summarize the transcript.

Portland, Oregon • 55°F

Thu, Oct 7, 2021 1:13am +00:00 (liked on Wed, Oct 6, 2021 6:18pm -07:00)
Not Fake Adam Kalsey https://twitter.com/akalsey

And now your experiencing the pain of your bad decisions.

Portland, Oregon • 55°F

Thu, Oct 7, 2021 1:19am +00:00 (liked on Wed, Oct 6, 2021 6:19pm -07:00)
Gabe Cohen https://twitter.com/_gabecohen • Oct 7
https://www.copy.ai/

I think copy.ai has it out for Khan Academy

"I want to start a company based around making great educational content on truly complex concepts like OAuth. Think Khan Academy but also feel like you're talking with an expert."

Portland, Oregon, USA • 55°F

2 likes 1 reply

Wed, Oct 6, 2021 6:21pm -07:00
Gabe Cohen https://twitter.com/_gabecohen

I got something about avoiding pricing overheads from Netflix and YouTube, without mentioning pricing, Netflix or YouTube. There’s definitely a hit list

Portland, Oregon • 55°F

Thu, Oct 7, 2021 1:26am +00:00 (liked on Wed, Oct 6, 2021 6:26pm -07:00)
WTF OAuth https://twitter.com/wtf_oauth

OAuth is a natural extension of a single table database

Portland, Oregon • 52°F

Thu, Oct 7, 2021 1:43am +00:00 (liked on Wed, Oct 6, 2021 7:07pm -07:00)
John Allsopp https://twitter.com/johnallsopp • Oct 7
what I usually say to speakers is a rough title and 3-4 bullet points of what you want to cover as a start-I think why it's challenging is folks try to "sell" the talk from the get go, rather than refine the focus, then worry about selling it

here you are trying to be actually helpful and I've just gone and set up a new parody twitter account @wtf_oauth

now back to work, let me actually read this now 😅

Portland, Oregon, USA • 52°F

2 likes

Wed, Oct 6, 2021 7:20pm -07:00
Aaron Parecki https://aaronparecki.com/ • Oct 6
At the end of the day, OAuth is just a way to communicate between services and users, and as such it's easy to grasp and non-controversial.

OAuth solved a universal problem – signing into a web site – and, in doing so, created a new problem: how does a site know it's really you?

Follow @wtf_oauth for your daily dose of OAuth humor, which will be funny to approximately 0.0001% of you

Portland, Oregon, USA • 52°F

8 likes 1 repost

Wed, Oct 6, 2021 7:23pm -07:00
@goto https://twitter.com/samuelgoto • Oct 7
Is there any existing mechanism (even if not widely deployed) that would allow a user to use an IDP with an RP dynamically (i.e. without a pre arrangement between the RP and the IDP)?

Dynamic Client Registration, but afaik no major provider supports this because they *want* RPs to have a pre-established relationship.

We built IndieAuth to avoid the need for any client registration and it works great for that use case: https://aaronparecki.com/2018/07/07/7/oauth-for-the-open-web

Portland, Oregon, USA • 51°F

1 like 1 reply

Wed, Oct 6, 2021 7:49pm -07:00
@goto https://twitter.com/samuelgoto

Not perfect, but a good bang for the buck on design I have to say :)

Portland, Oregon • 51°F

Thu, Sep 16, 2021 2:20pm +00:00 (liked on Wed, Oct 6, 2021 7:52pm -07:00)
@goto https://twitter.com/samuelgoto

Will read more carefully tomorrow.

Portland, Oregon • 51°F

Thu, Oct 7, 2021 2:53am +00:00 (liked on Wed, Oct 6, 2021 7:54pm -07:00)
Sarah Emerson https://twitter.com/_loveallthis

are we pronouncing them “nifty”s yet and if we did would that piss anybody off in a funny way

Portland, Oregon • 50°F

Thu, Oct 7, 2021 3:20am +00:00 (liked on Wed, Oct 6, 2021 8:23pm -07:00)
Alex Simons https://twitter.com/Alex_A_Simons

Today I introduced Microsoft's Principles for Decentralized Identity - our guide posts for building a #decentralizedidentity service that enables user choice, portability, and control https://www.microsoft.com/security/blog/2021/10/06/microsofts-5-guiding-principles-for-decentralized-identities/

Portland, Oregon • 47°F

Wed, Oct 6, 2021 4:09pm +00:00 (liked on Wed, Oct 6, 2021 9:48pm -07:00) #decentralizedidentity
10:02pm
Asleep

6:12am
Awake

8h 10m
Slept

14m
Awake for

Portland, Oregon

Wed, Oct 6, 2021 11:12pm -07:00