Not to "derail" the open-id idea I think we should support oAuth 100% and it certainly would help with persistent applications and scalability...
But ...for the most part you can build these types of applications in pure javascript. Anytime you need to run an api action that requires you to be on the target domain you call a bit of code to iframe proxy that action on the target domain and communicate its results to the client domain with another iframe back to the client.
That is fine for applications that require user interaction, but one of the major benefits of OAuth is that an application can do an action on behalf of a user without their direct interaction; they don't even need to be logged in. Also, OAuth is a standard that is becoming fairly widely used. We shouldn't force third parties to use our custom made solution.
That said, the javascript solution could be useful for lightweight applications that don't need to do actions on a user's behalf without direct interaction.
Respectfully,
Ryan Lane