Although I don’t consider myself a security expert, in last few weeks my paths have crossed with some open security standards / protocols / initiatives (call’em whatever you’d like): namely OATH (http://www.openauthentication.org/) and OAuth 2.0 (http://oauth.net/). Regardless of the fact that those two are frequenly confused with each other, they have one thing in common - they just don’t play their role (anymore)… OATH - that was supposed to become an open standard for authentication is an “open reference architecture for strong authentication” that ……