<html><head></head><body bgcolor="#FFFFFF"><div>I suppose the article is not talking about OpenID Connect at all but just questioning why they creat yet another way of extending the access token validity time while OAuth 2.0 has a defined way of doing it. </div>
<div><br></div><div>I can sort of understand it. Being not standard compliant to fragment is the market is a valid strategy for the largest player. <br><br>=nat via iPhone</div><div><br>On 2012/02/03, at 3:02, Anthony Nadalin <<a href="mailto:tonynad@microsoft.com">tonynad@microsoft.com</a>> wrote:<br>
<br></div><div></div><blockquote type="cite"><div>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1f497d">What FB does is their business, they have created an extension that serves their own business needs, it’s not part of OAUTH (but seems to fit the extension model). Everyone is allowed to create extensions that
they feel are needed. I believe that they feel that OpenID Connect is too complicated for them to implement thus they have gone their worn route.</span></p>
<p class="MsoNormal"><span style="color:#1f497d"> </span></p>
<div>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> <a href="mailto:openid-specs-ab-bounces@lists.openid.net">openid-specs-ab-bounces@lists.openid.net</a> [mailto:<a href="mailto:openid-specs-ab-bounces@lists.openid.net">openid-specs-ab-bounces@lists.openid.net</a>]
<b>On Behalf Of </b>Mike Jones<br>
<b>Sent:</b> Thursday, February 02, 2012 9:50 AM<br>
<b>To:</b> <a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a><br>
<b>Subject:</b> [Openid-specs-ab] Facebook OAuth extension ruffles feathers, nixes user access permission</span></p>
</div>
</div>
<p class="MsoNormal"> </p>
<p class="MsoNormal"><a href="http://www.zdnet.com/blog/identity/facebook-oauth-extension-ruffles-feathers-nixes-user-access-permission/192?tag=mantle_skin;content">http://www.zdnet.com/blog/identity/facebook-oauth-extension-ruffles-feathers-nixes-user-access-permission/192?tag=mantle_skin;content</a></p>
<p class="MsoNormal"> </p>
</div>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Openid-specs-ab mailing list</span><br><span><a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a></span><br>
<span><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a></span><br></div></blockquote></body></html>