The Web Authorization Protocol (OAuth) has submitted OAuth 2.0, a framework for using security identity access tokens for native mobile application and API security, to the Internet Engineering Task Force’s (IETF) Internet Engineering Steering Group (IESG), reports ZDNet.
The IESG put the framework into “In Last Call” status and has opened it up for comment until Feb. 6.
Nearly two years in development, OAuth 2.0 is an authentication and authorization framework for secure access of RESTful APIs, which are utilized in cloud security for app to app and client to app communication. Because OAuth 2.0 makes use of an access token rather than a username/password combination, it’s seen as being a step forward in the process of developing secure mobile computing.
Final approval on the OAuth 2.0 standard is yet to be determined.
Additionally, the IETF is developing standards for OAuth 2.0 in conjunction with the Security Assertion Markup Language.
Read more here.