

How OAuth 2 trumps Basic authentication - bpedro
http://apiux.com/2013/07/10/oauth-2-trumps-basic-authentication

======
frankcaron
A fair assessment of the basic OAuth 2.0 impl, but I'm left wondering how to
as-simply state the value add for developers to implement an OAuth 2 workflow
instead of just relying on SSL.

Is the additional overhead to development worth the gain in security for the
straightforward "access my own protected resources" use case?

~~~
bpedro
As written in the article, one of the advantages is avoiding things like the
man-in-the-middle SSL exploit.

