XAuth critiques
SitG Admin
sysadmin at shadowsinthegarden.com
Wed Jun 9 15:02:55 UTC 2010
>> This would certainly be a poor UI. I can imagine better ones, but more to
>> the point, the marketplace can decide what the best UI is in this case.
>
>Better ones like what? I'm serious. The current XAuth spec has an
>IdP/Extender
>deciding upfront which RP should be allowed to see the end user has a
>relationship to the IdP. I cannot imagine how you'd build a UI to fix that
>problem. If you can imagine a UI improvement, please describe it!
I believe John's argument here is that UI development can be crowd-sourced:
We *can* go to all the trouble of imagining better ones, but why
*should* we when all the differently-thinking users out there will
demand their own best changes once they see the prototype?
-Shade
More information about the specs
mailing list