Original thoughts on an OAuth book:
working title: OAuth: Up & Running
Might still do this - there's probably a lot more demand for it than a more comprehensive book. Can probably re-use material from one for the other, and vice-versa.
http://aaronparecki.com/The_Definitive_Guide_to_OAuth_2
http://aaronparecki.com/Talk:The_Definitive_Guide_to_OAuth_2
Some thoughts on writing an OAuth book with Aaron Parecki et al
Re: Part 1 overall. If I was a developer wanting to get up and running with OAuth, I wouldn't want to wade through all the history and nitty gritty of how OAuth works. Need chapters on example applications instead.
Re: Chapter 1. History can be an appendix. A one page summary timeline intro would be sufficient. Perhaps 1 page on password anti-pattern bad, how Flickr solved it with Flickr-auth good, and then 1 page on how OAuth 1 and 2 are the generalization/standardization of what Flickr-auth did instead.
Re: Chapter 2 and 3 - move these to a latter advanced section.
Then from a developer's perspective, I would expect to see one chapter for each type of client that just walked me through the code I needed to write.
Part 2 (Ch 4-12) - the whole thing seems far too plumbing centric. Great for someone into protocols, but intimidating/overwhelming from an application developer perspective. I understand why each of these might be important to know, however the packaging can be improved. That is, each Chapter should be a feature / user-scenario of an app which then requires using a specific feature of OAuth, that way the motivation to make the feature work is what drives learning/understanding the feature, which is likely to be more effective than mere protocol curiousity which tends to be much rarer.
Part 3 and 4 are definitely advanced sections.