[Python-Dev] Offtopic: OpenID Providers

Donald Stufft donald at stufft.io
Thu Sep 5 20:35:16 CEST 2013

On Sep 5, 2013, at 2:25 PM, Oleg Broytman <phd at phdru.name> wrote:

> On Thu, Sep 05, 2013 at 02:16:29PM -0400, Donald Stufft <donald at stufft.io> wrote:
>> On Sep 5, 2013, at 2:12 PM, Oleg Broytman <phd at phdru.name> wrote:
>>>  I used to use myOpenID and became my own provider using poit[1].
>>> These days I seldom use OpenID -- there are too few sites that allow
>>> full-featured login with OpenID. The future lies in OAuth 2.0.
>> The Auth in OAuth stands for Authorization not Authentication.
>   There is no authorization without authentication, so OAuth certainly
> performs authentication: http://oauth.net/core/1.0a/#anchor9 ,
> http://tools.ietf.org/html/rfc5849#section-3

They are separate topics and authorization does not need to imply authentication,
it so happens that in many particular instances of OAuth you can estimate


Persona is the logical successor to OpenID.

Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.python.org/pipermail/python-dev/attachments/20130905/065d9b65/attachment.sig>

More information about the Python-Dev mailing list