On Tue, Mar 27, 2012 at 12:24 AM, Ben Finney <ben+pyt...@benfinney.id.au> wrote: > Roy Smith <r...@panix.com> writes: > >> In article <878vimhfdp....@benfinney.id.au>, >> Ben Finney <ben+pyt...@benfinney.id.au> wrote: >> > So, if I want to be free to choose an identity provider I trust, and >> > it's not Facebook or Google or Twitter or other privacy-hostile >> > services, how does OAuth help me do that? >> >> It doesn't. Well, in theory, it could, but in practice everybody's >> OAuth implementation is different enough that they don't interoperate. > > Thanks. So OAuth is a pseudo-standard that is implemented incompatibly > to the extent that it doesn't actually give users the freedom to migrate > their existing data and identity at will to any other OAuth implementor?
Pretty much. It is nice that it is published as a standard at all but the standard is just whatever people are actually doing. It seems less hostile when you think of it as vigorous documentation instead of protocols set in stone. -Jack -- http://mail.python.org/mailman/listinfo/python-list
