This is worth exploring further at the next OpenID Summit (assuming there is
interest). RPs that we talk to have overlapping use cases and it's not fair
to their developers to have completely independent SDKs (different signing
mechanism, on boarding process etc).
-Ashish

---------------------------------------------------------------

Ashish Jain

Sr. Product Manager, PayPal Identity Services

email: ashish.j...@paypal.com

cell: 303-548-4325

skype: itickr

---------------------------------------------------------------



On Fri, Mar 26, 2010 at 7:16 PM, Robert Winch <rwi...@gmail.com> wrote:

> If you haven't seen this post, it may be of interest
> http://hueniverse.com/2009/04/introducing-sign-in-with-twitter-oauth-style-connect/
>
>
> On Fri, Mar 26, 2010 at 5:20 PM, Paul Lindner <lind...@inuus.com> wrote:
>
>> If a site has an api that returns a stable user identifier then OAuth can
>> work fine as an SSO.  I wouldn't go so far as to call it bastardized..
>>
>> The big difference between OpenID and OAuth is the idiom used.  OpenID is
>> designed to not require prior registration for use -- multiple relying
>> parties and providers can interoperate using URLs and attribute exchange.
>>  With OAuth you need a consumer key/secret for your site, and the APIs for
>> attribute exchange change from provider to provider.
>>
>>
>> On Fri, Mar 26, 2010 at 1:39 PM, Chris Messina 
>> <chris.mess...@gmail.com>wrote:
>>
>>> OAuth can be used as a bastardized mechanism to do SSO, but it's not
>>> really recommended.
>>>
>>> OAuth only provides you with tokens, which could later be revoked,
>>> effectively destroying the identity that you're relying on.
>>>
>>> OpenID is the preferred way to achieve SSO because it provides you with a
>>> stable, reusable identifier.
>>>
>>> Twitter uses OAuth for SSO, but it's really kind of a mis-use of the
>>> technology, although in practice it kind of solves the problem.
>>>
>>> Essentially OpenID provides you with identity; OAuth provides you
>>> authorization to do things on behalf of a user. Since you're doing something
>>> on behalf of a user, you get a kind of temporary identity to do stuff but
>>> it's much more fragile than OpenID.
>>>
>>> Why don't you want to do OpenID?
>>>
>>> Chris
>>>
>>>
>>> On Fri, Mar 26, 2010 at 10:21 AM, Adam <apcau...@gmail.com> wrote:
>>>
>>>> We currently use CAS for SSO.  I'd like to have SSO into gmail, but do
>>>> not want to switch to OpenID.  Is it possible to use OAuth to login
>>>> users into their gmail accounts?  Or is OAuth only meant to retrieve
>>>> user data?
>>>>
>>>> I am currently using SignPost to connect to OAuth... if it matters.
>>>>
>>>> Thanks.
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "OAuth" group.
>>>> To post to this group, send email to oa...@googlegroups.com.
>>>> To unsubscribe from this group, send email to
>>>> oauth+unsubscr...@googlegroups.com<oauth%2bunsubscr...@googlegroups.com>
>>>> .
>>>> For more options, visit this group at
>>>> http://groups.google.com/group/oauth?hl=en.
>>>>
>>>>
>>>
>>>
>>> --
>>> Chris Messina
>>> Open Web Advocate, Google
>>>
>>> Personal: http://factoryjoe.com
>>> Follow me on Buzz: http://buzz.google.com/chrismessina
>>> ...or Twitter: http://twitter.com/chrismessina
>>>
>>> This email is:   [ ] shareable    [X] ask first   [ ] private
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "OAuth" group.
>>> To post to this group, send email to oa...@googlegroups.com.
>>> To unsubscribe from this group, send email to
>>> oauth+unsubscr...@googlegroups.com<oauth%2bunsubscr...@googlegroups.com>
>>> .
>>> For more options, visit this group at
>>> http://groups.google.com/group/oauth?hl=en.
>>>
>>
>>  --
>> You received this message because you are subscribed to the Google Groups
>> "OAuth" group.
>> To post to this group, send email to oa...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> oauth+unsubscr...@googlegroups.com <oauth%2bunsubscr...@googlegroups.com>
>> .
>> For more options, visit this group at
>> http://groups.google.com/group/oauth?hl=en.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "OAuth" group.
> To post to this group, send email to oa...@googlegroups.com.
> To unsubscribe from this group, send email to
> oauth+unsubscr...@googlegroups.com <oauth%2bunsubscr...@googlegroups.com>.
> For more options, visit this group at
> http://groups.google.com/group/oauth?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"OAuth" group.
To post to this group, send email to oa...@googlegroups.com.
To unsubscribe from this group, send email to 
oauth+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/oauth?hl=en.

Reply via email to