Non-browser Identity Verification

Max Kanat-Alexander mkanat at bugzilla.org
Thu May 19 18:11:29 PDT 2005


On Wed, 2005-05-18 at 11:56 -0700, Brad Fitzpatrick wrote:
> Otherwise they're giving their password to the consumer app,
> which is scary.

	In any situation I can think of, they'd have to do that eventually
anyway. Theoretically, you could think of the browser as part of the
consumer app in the web-page case, and you're giving the password to the
browser.

	In the case of an OpenID-enabled desktop blog client, you'd have to log
into LJ with it anyhow. Somewhere along the line, each User Agent needs
to have the password pass through it, until there is a standard, cross-
platform local password repository (like Keychain on a Mac).

	-Max
-- 
http://www.everythingsolved.com/
Everything Solved: Experts at Bugzilla... and everything else, too.



More information about the yadis mailing list