I have re-read the Wikipedia article about OpenID and
OpenAuth.
OpenAuth while nice in many ways is NOT the same as OpenID. User
authentication is one easy and obvious requirement and I have already said
too much about its need.
It is NOT clear at all to me why OpenAuth should be regarded over OpenID.
The use case for OpenID is obvious. In contrast the case for OpenAuth is
not clear at all. What practical things will it solve?
OAuth will solve more practical problems than OpenID. Toolserver has
had a need for this for years. Labs has the same need. Tools need to
act on behalf of users. We can't let these tools request or store the
credentials of our users, because that's insecure and gives the tool
author access to the credentials. OAuth allows the tool to store a
token, rather than the user's password. Of course, this goes past just
tools. Beta Labs has this problem too. Bots could also benefit from
this greatly.
OpenID would be helpful, and really a combination of OpenID and OAuth
would be the best thing, but the priority of implementing these
definitely leans in favor of OAuth.
- Ryan