On Wed, Jul 22, 2009 at 4:41 PM, Gerard
Meijssen<gerard.meijssen(a)gmail.com> wrote:
Hoi,
Would OpenID make a difference ? It seems to me that when you authenticate
to both WMF projects and to this watchlistr, you would not expose passwords
in the wrong place. It seems to be also a solution of allowing Commons to
authenticate in this way.
No, not really.
In this case the site wants your credentials so that it can scrape
your watchlists.
If it has your credentials it can impersonate you, which is bad.
It addressed by making it possible for the site to generate access
cookies for particular resources which you could share. I.e.
"generate a code that gives someone read only access to my watchlist".