tag:blogger.com,1999:blog-11300808.post9182419830804749188..comments2024-03-27T04:19:57.377-07:00Comments on The official Google Code blog: Using XAuth to simplify the social webMike Marchakhttp://www.blogger.com/profile/08067736591419106914noreply@blogger.comBlogger15125tag:blogger.com,1999:blog-11300808.post-65892148482048887792010-07-01T23:25:33.539-07:002010-07-01T23:25:33.539-07:00Can we do something to the monopoly!Can we do something to the monopoly!usearched.infohttps://www.blogger.com/profile/07818425853538871157noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-18491095961583496222010-06-07T12:14:05.045-07:002010-06-07T12:14:05.045-07:00So XAuth+OpenId+OAuth is the answer to Facebook...So XAuth+OpenId+OAuth is the answer to Facebook's challenge? Where does OpenID Connect fit in?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11300808.post-33500564773999620272010-05-01T05:14:13.065-07:002010-05-01T05:14:13.065-07:00This comment has been removed by the author.e-Definers Technologyhttps://www.blogger.com/profile/16643004577781035030noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-63825201712298613102010-04-30T19:03:14.046-07:002010-04-30T19:03:14.046-07:00Thanks for the project... Meebo?
Anyway, Hahaha. ...Thanks for the project... Meebo?<br /><br />Anyway, Hahaha. Friends think I'm crazy (when I was trying to tell them) of "they (not you) are sort of literally using DIV ID elements as a messaging gateway ... 'to blah blah blah central rpc server!'<br /><br />Anyway, pretty nice.... Although there is room for better. Ask me! <br /><br />like ... 347-556-1945Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11300808.post-59438850985164562592010-04-29T23:14:04.100-07:002010-04-29T23:14:04.100-07:00@Duderino, I don't see it being very feasible ...@Duderino, I don't see it being very feasible for non-programmer types to be able to implement this very well... sure you can plop the js on your site, but it's likely the user will want to use you app as well, or login with credentials from another network, or post to both accounts (like facebook and twitter) at the same time or something.Joseph Silvashyhttps://www.blogger.com/profile/02942438495109673432noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-59387894730889238382010-04-28T22:05:27.140-07:002010-04-28T22:05:27.140-07:00Ok great, how do us non-programming types use it?Ok great, how do us non-programming types use it?Duderinohttps://www.blogger.com/profile/05528971059539180356noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-60282874368712369622010-04-22T09:19:52.135-07:002010-04-22T09:19:52.135-07:00Wow! This is very cool I think, since the request ...Wow! This is very cool I think, since the request and response are purely client-side. Thank you for sharing.Unknownhttps://www.blogger.com/profile/04087255435148705667noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-16669607498243664162010-04-20T17:18:43.552-07:002010-04-20T17:18:43.552-07:00уєα ι мιѕѕ мι ƒσηє вℓσωιη Ï…Ï...уєα ι мιѕѕ мι ƒσηє вℓσωιη Ï…ÏÏ Ñ‚Ñ”Ï‰..ℓσℓ. вυт ιмα тχт унυ ωєηєνα ι кαηUnknownhttps://www.blogger.com/profile/12311317588099197897noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-31877926405897116322010-04-20T13:59:59.794-07:002010-04-20T13:59:59.794-07:00@Marcus Westin: I suppose you're right — but t...@Marcus Westin: I suppose you're right — but there's still at least one HTTP request to fetch the JavaScript at some point so I think I'll leave it as is. My point was really to try to provide contrast between this approach and the one where you have to ping EVERY service to check if there's an active session!<br /><br />@Lawouach: xauth.org is a centralized service, you're absolutely right. And I had my [strong] reservations about this kind of service when I first heard about it. But the reality is this: while this functionality and set of preferences should belong on the client-side (as many of us are aware and have argued) that has *not* happened. The work to make that happen is of course ongoing, but it makes no sense to sit idly by while single-providersolutions overtake the marketplace.<br /><br />I think that over time XAuth will prove to be a useful stopgap demonstration of a solution to a problem we've long been aware of but until now, had not marshaled the collective will to meaningfully address.<br /><br />In fact, XAuth is so promising because the goal is that any provider should be able to register itself on your behalf, meaning that if you want to use your own custom sharing service or identity provider, you should be able to — and then share that information — proactively — with the sites and services you visit.<br /><br />XAuth does more to leverage the playing field than I think you might realize at first glance.Chris Messinahttps://www.blogger.com/profile/05758329779466595346noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-22835795290112931892010-04-20T06:38:00.268-07:002010-04-20T06:38:00.268-07:00On the other hand, half the services I'm a mem...On the other hand, half the services I'm a member of is because of the NASCAR line-up on a site I visit!Schultzterhttps://www.blogger.com/profile/04045911085515037465noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-60713302071154812292010-04-20T00:14:18.570-07:002010-04-20T00:14:18.570-07:00Isn't xauth.org a centralized service? Haven&#...Isn't xauth.org a centralized service? Haven't you fought the last few years against centralized services? Chris it feels you quite never step back and criticize anymore.<br /><br />I would be interested if you had also showed how one can be made aware they are using Xauth and how they can turn it off, aside from having to go to the xauth.org website and disable it (what does it even mean?)<br /><br />Also, what a terrible terrible name that doesn't tell you what it's all about.Unknownhttps://www.blogger.com/profile/04547214668265559853noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-37443013364357835022010-04-19T22:25:05.852-07:002010-04-19T22:25:05.852-07:00Hey Chris,
Thanks for a great writeup!
Small cor...Hey Chris,<br /><br />Thanks for a great writeup!<br /><br />Small correction on performance and scalability: since all the xauth tokens are stored locally in the user's browser, *no* http requests are required to determine which services are currently active. <br /><br />Many will surely include the JavaScript from xauth.org, but extending and retrieving services uses a simple postMessage protocol and can be accessed without the xauth.org JavaScript library.Marcus Westinhttps://www.blogger.com/profile/17464221112785078078noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-87449065023001529752010-04-19T20:45:37.379-07:002010-04-19T20:45:37.379-07:00@Schultzter,
OpenID is for Authentication
OAuth i...@Schultzter,<br /><br />OpenID is for Authentication<br />OAuth is for Authorization to access data<br />XAuth is an personalized registry of apps <br /><br />I will post a detailed comments for each of these.Saqib Alihttps://www.blogger.com/profile/02387888275653820697noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-45319146939131048432010-04-19T19:09:56.124-07:002010-04-19T19:09:56.124-07:00OpenId, Oauth, XAuth?! Can someone explain it all...OpenId, Oauth, XAuth?! Can someone explain it all to me?!Schultzterhttps://www.blogger.com/profile/04045911085515037465noreply@blogger.comtag:blogger.com,1999:blog-11300808.post-40989189235626989042010-04-19T18:13:03.197-07:002010-04-19T18:13:03.197-07:00Cool.. will hack it soon .. :-)
Panggi LibersaCool.. will hack it soon .. :-)<br /><br />Panggi LibersaPanggi Libersa Jasri Akadolhttps://www.blogger.com/profile/08606551360239115339noreply@blogger.com