[OSM-dev] OpenID for OpenStreetMap?

Samat K Jain lists at samat.org
Fri Feb 11 04:57:31 GMT 2011


On Thursday, February 10, 2011 05:02:27 AM Mike N wrote:
> > Frankly though a bigger question is whether we want to. I've never been
> > that convinced because OpenID just doesn't seem to be getting the
> > necessary traction to really work.

That's a misleading way to think about it… with Google, Yahoo, etc acting as OpenID providers, almost _everyone_ on the Internet has an OpenID. I don't have numbers, but likely it is more than Facebook or Twitter. It *is* the most ubiquitious login system on the Internet.

But yes, many sites are dropping OpenID login support (jargon: fewer OpenID consumers). However, they're switching to Facebook Connect and Twitter Auth—is outsourcing authentication to corporate silos beneficial to OSM? OpenID, where people have a choice in outsourcing their auth to a corporate silo, remains the best option for an "open internet".

>    I'm not sold on OpenID either - I know the pro arguments, but with 
> OpenID, if you're keylogged or phished, they have full access to all 
> accounts immediately.

We're drifting off-topic here… but centralizing logins into OpenID means that you can add more security to the login process, which benefits logins to all sites.

With standard username-passwords pairs, there's no universal way to improve the process.

-- 
Samat K Jain <http://samat.org/> | GPG: 0x4A456FBA

The ability to procrastinate is what separates us from the machines.
-- Chris Gregory (12)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.openstreetmap.org/pipermail/dev/attachments/20110210/5cb3c4fd/attachment-0001.pgp>


More information about the dev mailing list