On Fri, Aug 24, 2012 at 10:16 AM, Tyler Romeo tylerromeo@gmail.com wrote:
- OAuth: Well not actually OAuth. After getting a full understanding of
this topic
implementation of actual OAuth (1&2) looks like a dark dead-end. Rather
than OAuth I'd like
to write a new auth standard that learns from all the good things and
the mistakes made in
both versions of OAuth and takes note of all the things we really need.
And then implement it
into MediaWiki and write a series of server and client libraries/sdks so
it's also easier to pick
up than either OAuth.
Not a good idea: http://xkcd.com/927/ While OAuth has its problems, it's not a terrible protocol (or at least v1 isn't).
Seconded -- I'd rather see contributions to making OAuth less painful rather than invent Yet Another Standard.
My personal wishlist: - Persona: Previously called BrowserID. It's come a LONG way in the past few months, and provides another fairly clean identity/authentication system. - OpenBadges: I'd love to explore options for implementing an OpenBadges solution for MW -- methods to encourage good editing and contribution, and to identify those who have consistently demonstrated this capability seems pretty worthwhile.
Nabil