[OpenID] [oauth] Re: Replacing email verification with RSS 'push' feeds and OAuth
mart at degeneration.co.uk
Wed Apr 8 16:23:54 UTC 2009
Terrell Russell wrote:
> On 4/8/09 12:33 AM, Martin Atkins wrote:
>> And with all that said, I would love to see a mechanism for my OpenID
>> provider to accept messages on my behalf. Years ago I specced out a
>> protocol simply called "Send a Message Protocol" which was intended to
>> solve this problem, but it was never migrated from the old OpenID wiki
>> and I don't know how to get to the old OpenID wiki. It was a pretty
>> straightforward protocol anyway, and now that OAuth is a standard (which
>> it wasn't at the time) it ought to be even simpler.
> Give thanks to Brewster...
Excellent. Thanks for digging that up.
Now that I read over it again, I see that it was mostly focused on
interactively sending messages between humans rather than services
sending messages to humans, but at the highest level the protocol here
is "use some kind of authentication to POST an email message to an HTTP
endpoint", which means that OAuth could presumably be swapped in as an
authentication mechanism, with your "messaging provider" as the SP and
the sender as the "consumer".
More information about the general