[..] the plain truth is this: it’s empirically way too painful still for first-time OAuth developers to get their code working, and despite the fact that OAuth is a standard, the empirical “it-just-works-rate” is way too low.
Joseph Smarr: Implementing OAuth is still too hard… but it doesn’t have to be.
This isn’t just true of OAuth; try writing an OpenID client or server from scratch. The same probably holds for every part of the open stack. Open doesn’t just mean that anybody can use a format or API; it also has to mean that it’s accessible. Coding barriers are just a different sort of closed.
I think what Joseph suggests here is absolutely right, and he’s doing a good thing to start the conversation rolling.