Hacker News new | comments | show | ask | jobs | submit login

Wow, I don't think I've ever seen tptacek gray in a thread about security. I don't know why, you are absolutely right.

One neat variant on this is how GitHub uses HTTP Basic auth to give you an OAuth token... http://developer.github.com/v3/#authentication

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact