xAuth and perhaps the need for socializing application security and trust - mehack: “In February we sent out an e-mail entitled ‘What’s up with OAuth?’ where we announced xAuth — our username and password for OAuth token exchange mechanism.  Hands down, developers love it.  They hated the UX / context penalty involved with OAuth, especially associated with mobile and desktop applications, for sending their users to the web.  I have to wonder, however, did we do the right thing? ”

xAuth is an interesting (perhaps expedient) development, building a Twitter community trust metric for their own apps looks like an interesting approach.