OAuth 2.0 implementation

Ben Finney ben+python at benfinney.id.au
Tue Mar 27 06:24:35 CEST 2012


Roy Smith <roy at panix.com> writes:

> In article <878vimhfdp.fsf at benfinney.id.au>,
>  Ben Finney <ben+python at benfinney.id.au> wrote:
> > So, if I want to be free to choose an identity provider I trust, and
> > it's not Facebook or Google or Twitter or other privacy-hostile
> > services, how does OAuth help me do that?
>
> It doesn't.  Well, in theory, it could, but in practice everybody's 
> OAuth implementation is different enough that they don't interoperate.

Thanks. So OAuth is a pseudo-standard that is implemented incompatibly
to the extent that it doesn't actually give users the freedom to migrate
their existing data and identity at will to any other OAuth implementor?

-- 
 \         “Money is always to be found when men are to be sent to the |
  `\   frontiers to be destroyed: when the object is to preserve them, |
_o__)     it is no longer so.” —Voltaire, _Dictionnaire Philosophique_ |
Ben Finney



More information about the Python-list mailing list