On Thursday, February 10, 2011 05:02:27 AM Mike N wrote: > > Frankly though a bigger question is whether we want to. I've never been > > that convinced because OpenID just doesn't seem to be getting the > > necessary traction to really work.
That's a misleading way to think about it… with Google, Yahoo, etc acting as OpenID providers, almost _everyone_ on the Internet has an OpenID. I don't have numbers, but likely it is more than Facebook or Twitter. It *is* the most ubiquitious login system on the Internet. But yes, many sites are dropping OpenID login support (jargon: fewer OpenID consumers). However, they're switching to Facebook Connect and Twitter Auth—is outsourcing authentication to corporate silos beneficial to OSM? OpenID, where people have a choice in outsourcing their auth to a corporate silo, remains the best option for an "open internet". > I'm not sold on OpenID either - I know the pro arguments, but with > OpenID, if you're keylogged or phished, they have full access to all > accounts immediately. We're drifting off-topic here… but centralizing logins into OpenID means that you can add more security to the login process, which benefits logins to all sites. With standard username-passwords pairs, there's no universal way to improve the process. -- Samat K Jain <http://samat.org/> | GPG: 0x4A456FBA The ability to procrastinate is what separates us from the machines. -- Chris Gregory (12)
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ dev mailing list [email protected] http://lists.openstreetmap.org/listinfo/dev
