Path: csiph.com!usenet.pasdenom.info!gegeweb.org!de-l.enfer-du-nord.net!feeder2.enfer-du-nord.net!newsfeed.eweka.nl!eweka.nl!feeder3.eweka.nl!newsfeed.xs4all.nl!newsfeed6.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.160 X-Spam-Level: * X-Spam-Evidence: '*H*': 0.68; '*S*': 0.00; 'protocols': 0.09; 'cc:addr :python-list': 0.15; 'finney': 0.16; 'migrate': 0.16; 'roy': 0.16; 'that?': 0.18; 'thanks.': 0.21; 'wrote:': 0.21; 'header:In-Reply- To:1': 0.22; 'received:74.125.82.174': 0.25; 'cc:no real name:2**0': 0.26; 'message-id:@mail.gmail.com': 0.27; 'cc:addr:python.org': 0.27; 'seems': 0.28; '27,': 0.29; 'extent': 0.29; 'subject:skip:i 10': 0.29; "doesn't": 0.30; 'cc:2**0': 0.31; 'received:google.com': 0.32; 'received:74.125.82': 0.33; 'ben': 0.35; 'writes:': 0.35; 'actually': 0.35; 'received:74.125': 0.36; 'but': 0.36; 'does': 0.36; 'so,': 0.37; 'data': 0.38; 'think': 0.40; 'how': 0.40; 'mar': 0.61; 'choose': 0.61; 'identity': 0.63; 'different': 0.65; 'freedom': 0.66; '2012': 0.69; 'published': 0.74; 'article': 0.81; '12:24': 0.84; 'hostile': 0.91; 'trust,': 0.91 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=wkQz5zWgMUIToV9qsKmkGiq1eFx1JVDUy4zPKzUbt/o=; b=Ts3Vnr7rVIOyJ8rvdkbjJ9I2P8YheUxqTBLVTMyw/vR2blRlwx8UunOs43FjfsHlmr O5FPiL5t2PoJ5iGoKKPP7c4ODxZTgd2iIWN2r8KoM+OPbiDaD17/ADE5JXkXcXLOTu18 DLIeHPUdLWj+c5QRDYofmSgwXDIyCJxlwLJv4u6WdLZTmV4Z5718vmhzgAqT4QayUn+f fAacdEaaHSunQnyTBdbqujh0HZk2RH8injd+gFIk70WHW6XCnVI3qPBCFdTrKFWgRxHS 5CRuU6ZQIVMqrboDVOi6DPAHnXEx0oa66aflYQsPil5dLaRZt+a/qHwBJrMJqRXAjMfn z4mA== MIME-Version: 1.0 In-Reply-To: <87zkb2fz7g.fsf@benfinney.id.au> References: <1973354.3.1332816158529.JavaMail.geo-discussion-forums@pbae2> <87haxahh51.fsf@benfinney.id.au> <878vimhfdp.fsf@benfinney.id.au> <87zkb2fz7g.fsf@benfinney.id.au> Date: Tue, 27 Mar 2012 01:24:16 -0400 Subject: Re: OAuth 2.0 implementation From: Jack Diederich To: Ben Finney Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: python-list@python.org X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 23 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1332825858 news.xs4all.nl 6912 [2001:888:2000:d::a6]:51927 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:22230 On Tue, Mar 27, 2012 at 12:24 AM, Ben Finney w= rote: > Roy Smith writes: > >> In article <878vimhfdp.fsf@benfinney.id.au>, >> =A0Ben Finney wrote: >> > So, if I want to be free to choose an identity provider I trust, and >> > it's not Facebook or Google or Twitter or other privacy-hostile >> > services, how does OAuth help me do that? >> >> It doesn't. =A0Well, in theory, it could, but in practice everybody's >> OAuth implementation is different enough that they don't interoperate. > > Thanks. So OAuth is a pseudo-standard that is implemented incompatibly > to the extent that it doesn't actually give users the freedom to migrate > their existing data and identity at will to any other OAuth implementor? Pretty much. It is nice that it is published as a standard at all but the standard is just whatever people are actually doing. It seems less hostile when you think of it as vigorous documentation instead of protocols set in stone. -Jack