After spending quite a few hours on yesterdays post, OAuth and OMB post-sharing, it occurred to me with the first cup of coffee this morning that I had missed one important user interface twist in the use of OAuth that actually makes it quite necessary.
It depends on how the UI for subscribing works. If, as with a feed reader, the subscriber enters the URL of the person they wish to follow, authorization is unnecessary. The user has made their intention known to their own account, and can simply request the posting server to send updates.
However, if the the subscriber subscribes by visting the site of the poster, and the poster allows unrestricted access, then there must be a mechanism for the subscriber to tell his own site that he wishes to subscribe to the poster’s updates. This is where OAuth comes in, and it is indeed a well-matched use-case for OAuth’s functionality.
Apologies to Evan at Identi.ca.