OAuth for the Open Web

A little about the challenges of using #OAuth2 in a distributed setting for WordPress, GitLab, Mastodon, and more. Spoiler: it's not all bad news. Let's make this happen!

https://aaronparecki.com/2018/07/07/7/oauth-for-the-open-web
@klaatu
Awesome find! I will read this when the kids go to bed.

@aaronpk
@klaatu @aaronpk

I'm wondering why can't the openID stuff be ssh keys.

+ this is my ssh key for the banking website... I don't want to share this identity with anyone else
+ this is my ssh key for webmail
+ this is my ssh key that I use for communication.... etc. and so on.
@klaatu for us Linux people it fits like a glove... and could be used as a method to make the internet easier for noons (grandparents)
@klaatu
And the ssh config file would REALLY simplify what key you wanted to use with what site.

But I'm sure there is a reason that this is not used for identity verification.

Probably something like, we couldn't make it work for websites.
Sign in to participate in the conversation
Mastodon

Generalistic and moderated instance. All opinions are welcome, but hate speeches are prohibited. Users who don't respect rules will be silenced or suspended, depending on the violation severity.