I don't know about that. Authentication mechanisms seem within scope of any protocol, and if an implementation refuses service based on some extra requirement (such as being signed in to Facebook) then that implementation is simply not up to spec.
> Facebook could start using an open protocol today
Richard Stallman would prefer you to use the term "free protocol", which I think is what we're all trying to say here ;)
Authentication mechanisms are in scope (obviously). The set of authorized accessors is not, right? I guess people are not accounting for the distinction, but it’s rather critical here.
> Facebook could start using an open protocol today
Richard Stallman would prefer you to use the term "free protocol", which I think is what we're all trying to say here ;)