I'm trying to make sense of Google's authentication framework and determine if it introduces any usability risks.
Here's what I found in an online Google resource and if I'm reading it right, I think we've got a bit of a usability problem: >From http://code.google.com/apis/accounts/docs/AuthSub.html **** [1] When the web application needs to access a user's Google service, it makes an AuthSub call to Google's Authentication Proxy service. [2]The Authentication service responds by serving up an Access Request page. This Google-managed page prompts the user to grant/deny access to their Google service. The user may first be asked to log into their account. *** Does AuthSub really inject some kind of security warning page into the user experience? If so, has anyone asked what everyday users think of this? Thx. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
