[OpenID] Enable OpenID for IRC
Yonas
googelly.eyes at gmail.com
Mon May 18 09:39:29 UTC 2009
Sorry, to clarify the SSL part, all communication during the login process
between IRC client and server would be over SSL.
Yonas wrote:
>
>> The solution would be to use OAuth, but I don't see how you escape the
> browser requirement in the case of IRC because IRC itself is not all that
> secure.
>
> You would get secure communication between IRC client and IRC server via
> SSL. If the IRC server doesn't support SSL, then the client should _not_
> login via OpenID.
>
>
>> Furthermore, you shouldn't really be sending OpenID credentials over an
>> IRC
> channel... that seems akin to the password anti-pattern where someone
> could
> easily intercept the transmission of data between you and the OP.
>
> The OpenID Authentication Request would be sent to the client over SSL.
>
>
>> You would need to manage authentication out of band some other way...
>
> I looked at the XMPP+OAuth pages, but it still requires a web browser.
>
>
>> I'm sympathetic to the idea of being able to just authenticate with a
> username/password and still get the benefits of OpenID, but that's just
> not
> realistic (AFAIC).
>
> I don't see any clear reason why we should require OpenID+OAuth to use a
> browser. As long as OpenID+OAuth doesn't require a browser, I just need to
> create a module for the IRC server and IRC client, and make sure
> communication is over SSL.
>
--
View this message in context: http://www.nabble.com/Enable-OpenID-for-IRC-tp23575937p23594203.html
Sent from the OpenID - General mailing list archive at Nabble.com.
More information about the general
mailing list