[OpenID] Enable OpenID for IRC
Yonas
googelly.eyes at gmail.com
Mon May 18 09:27:45 UTC 2009
> The solution would be to use OAuth, but I don't see how you escape the
browser requirement in the case of IRC because IRC itself is not all that
secure.
You would get secure communication between IRC client and IRC server via
SSL. If the IRC server doesn't support SSL, then the client should _not_
login via OpenID.
> Furthermore, you shouldn't really be sending OpenID credentials over an
> IRC
channel... that seems akin to the password anti-pattern where someone could
easily intercept the transmission of data between you and the OP.
The OpenID Authentication Request would be sent to the client over SSL.
> You would need to manage authentication out of band some other way...
I looked at the XMPP+OAuth pages, but it still requires a web browser.
> I'm sympathetic to the idea of being able to just authenticate with a
username/password and still get the benefits of OpenID, but that's just not
realistic (AFAIC).
I don't see any clear reason why we should require OpenID+OAuth to use a
browser. As long as OpenID+OAuth doesn't require a browser, I just need to
create a module for the IRC server and IRC client, and make sure
communication is over SSL.
--
View this message in context: http://www.nabble.com/Enable-OpenID-for-IRC-tp23575937p23594029.html
Sent from the OpenID - General mailing list archive at Nabble.com.
More information about the general
mailing list