I'm currently implementing some OAuth stuff and reading a lot of RFCs and specifications. Came across this gem which really made me think "I bet I would come to regret writing that one"
How does OpenID Connect improve security
Public-key-encryption-based authentication frameworks like OpenID Connect (and its predecessors) globally increase the security of the whole Internet by putting the responsibility for user identity verification in the hands of the most expert service providers.
...
https://openid.net/wg/connect/