I believe that Twitter should become an OpenID provider. No other service has seen the kind of growth around the API that Twitter has, and while HTTP Basic is an insecure method of accessing it provides a wonderful ease of use for the end user. Now that OAuth is not just in the pipeline but in the here and now, I think that it will be important for Twitter to also provide OpenID. Here's why:
* It would allow Twitter API apps to use the one-two punch of Twitter's OpenID and Twitter's OAuth to provide SSO functionality while maintaining account security. * Twitter accounts are some of the easiest to remember and most prevalent links around these days. Using that as an OpenID would make it really easy! * Wrapping a "log in with Twitter" or "Twitter Connect" option would be super-easy and super-useful. Is this something you (the API team) have thought about? If so, what is the possible timeline on this kind of functionality? I have to admit that my inquiry is somewhat selfishly motivated: I am giving a "Twitter on Rails" talk this year at RailsConf about using Twitter as an SSO and I'd love to be able to show people a solution that is easy AND secure. Thanks. Michael Bleigh
