On Fri, Aug 24, 2012 at 10:16 AM, Tyler Romeo <tylerromeo(a)gmail.com> wrote:
- OAuth: Well
not actually OAuth. After getting a full understanding of
this topic
implementation of actual OAuth (1&2) looks
like a dark dead-end. Rather
than OAuth I'd like
to write a new auth standard that learns from
all the good things and
the mistakes made in
both versions of OAuth and takes note of all the
things we really need.
And then implement it
into MediaWiki and write a series of server and
client libraries/sdks so
it's also easier to pick
up than either OAuth.
Not a good idea:
http://xkcd.com/927/
While OAuth has its problems, it's not a terrible protocol (or at least v1
isn't).
Seconded -- I'd rather see contributions to making OAuth less painful
rather than invent Yet Another Standard.
My personal wishlist:
- Persona: Previously called BrowserID. It's come a LONG way in the past
few months, and provides another fairly clean identity/authentication
system.
- OpenBadges: I'd love to explore options for implementing an OpenBadges
solution for MW -- methods to encourage good editing and contribution, and
to identify those who have consistently demonstrated this capability seems
pretty worthwhile.
Nabil