A fair assessment of the basic OAuth 2.0 impl, but I'm left wondering how to as-simply state the value add for developers to implement an OAuth 2 workflow instead of just relying on SSL.
Is the additional overhead to development worth the gain in security for the straightforward "access my own protected resources" use case?
Is the additional overhead to development worth the gain in security for the straightforward "access my own protected resources" use case?