We've been aware of the problem for some time and have been working with the OAuth community to roll out a fix as soon as possible. There are already some changes in place. Expect an official blog post soon that will address this.
As Mike points out on the blog <http://developer.netflix.com/blog/read/OAuth> we're not anticipating any changes at the current time, but that's not to say that there may not be any.
The OAuth group is still trying to come up with the best resolution to this problem, and we're hoping that a final fix will be released soon.
Are the netflix APIs going to be affected/shutdown because of the new found security hole in the OAuth protocol?
Yahoo's and Twitter OAuth apis are shutdown.
http://news.cnet.com/8301-13577_3-10225103-36.html
--
Sundar
Message edited by Sundar 3 years ago
Tags
JR Conlin – 3 years ago
We've been aware of the problem for some time and have been working with the OAuth community to roll out a fix as soon as possible. There are already some changes in place. Expect an official blog post soon that will address this.
Rich Knox – 3 years ago
Do you expect client side fixes will be needed or will the changes be all on the server side?
JR Conlin – 3 years ago
As Mike points out on the blog <http://developer.netflix.com/blog/read/OAuth> we're not anticipating any changes at the current time, but that's not to say that there may not be any.
The OAuth group is still trying to come up with the best resolution to this problem, and we're hoping that a final fix will be released soon.