Linked by Eugenia Loli-Queru on Fri 17th Aug 2007 02:22 UTC, submitted by randommsdev
Microsoft has announced the release of Windows Live ID Web Authentication. This means that WLID (formerly known as Passport) is now opened to third party websites to use as their authentication system. Any Windows Live user can potentially log in to a website that implements Web Authentication. Interestingly sample implementations are available in the Ruby, Python, Perl, and PHP open source languages amongst others -- tested on openSUSE 10.2 but expected to work on any platform that supports these languages. More details are available in the SDK documentation.
Thread beginning with comment 264287
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Use OpenID better
by kaiwai on Sat 18th Aug 2007 02:36
in reply to "RE[2]: Use OpenID better"
Member since:2005-07-06
Frankly, I think that centralized authentication is a *horrible* idea. But it is something that people *will* buy into. When security and convenience collide, convenience will win, hands down.
Microsoft's offering is a given. I hope that everyone else can get behind one other "solution".
After the slaughter that will likely result from everyone's identity being stored in one place... the web will likely rebound back to everyone having their own auth mechanisms.
Microsoft's offering is a given. I hope that everyone else can get behind one other "solution".
After the slaughter that will likely result from everyone's identity being stored in one place... the web will likely rebound back to everyone having their own auth mechanisms.
Hence the reason why Project Liberty is actually gaining traction over Microsoft's - because it is federated; those who have the information can control what information is shared. It also allows the end user to control what is shared.
Like I said, the specifications are there, the problem is, there is a giant grab to get the technology to allow control over the information centrally - from what I see, it has nothign to do with competition and everything to do with many vendors wanting to control all the information. Neither are going to win major commercial backing if that is ultimately the approach taken.
RE[3]: Use OpenID better
by trenchsol on Sat 18th Aug 2007 12:03
in reply to "RE[2]: Use OpenID better"
Member since:2006-12-07
There has been many "slaughters" in the past, people got their credit card numbers stolen, their email read by unauthorized persons and even deleted. That changed nothing and never will. As you said, when security and convenience collide, convenience will win, hands down.
As far as security is concerned, nothing stays in a way of centralized authentication.
As long as you have your web hosted, you are at mercy of providers personnel anyway, they can sell your data, or simply be sloppy with basic security.
Reliability is another problem. If ID provider is unreachable, your web is not accessible.
Member since:
2005-07-24
Frankly, I think that centralized authentication is a *horrible* idea. But it is something that people *will* buy into. When security and convenience collide, convenience will win, hands down.
Microsoft's offering is a given. I hope that everyone else can get behind one other "solution".
After the slaughter that will likely result from everyone's identity being stored in one place... the web will likely rebound back to everyone having their own auth mechanisms.