Chris made his list of companies who should have deployed OpenID by now. I am not going to list everyone who promised to come out with OAuth just yet, but I will. It is enough to look at the OAuth Core 1.0 authors and the companies they represent to see that we have a long way to go. Of course Hueniverse’ own Nouncer supports OAuth, and even OAuth Discovery. But some might say this is not really fair, as Nouncer is still in development. So take a look at Ma.gnolia, they had the first working OAuth Core service in production, and had Discovery deployed within hours of draft 1. So go, do!
Twitter recently added a very cool and somewhat unproductive way of what I call strolling the social graph (a technical term some folks really don’t like, but offer no good replacement). It is called Blocks and allows you to graphically see who the people you are following follow and what they’re up to. The tool itself is very well designed and fun to use. The idea is that if you are following someone, you might be interested in who they are following too. What is unproductive about it, is that it doesn’t go the extra mile of allowing you to follow people by proxy.
I said before that only Karl Rove can fix phishing attacks and internet security problems that are caused by users laziness and carelessness. We need the man who got George Bush re-elected on a platform of fear. OAuth will provide a (much) better way to share your stuff without sharing your password, but it doesn’t replace passwords.
Even with OAuth, we need to scare people into being more careful and smarter about what they do online. To prove my point: Flickr, Google, and others have great (but proprietary) OAuth like protocols, but sites still ask for your Flickr and Google passwords and you still give it to them. It takes a while before I share my password from one site with another because I don’t trust them.
Don’t get we wrong, OAuth is great, or at least I hope it will be considering the number of hours I put in this week into getting the spec ready for prime time. But I’ve been hearing a lot of chatter lately on what OAuth is good for and some of it makes little sense to me. I don’t want to point at specific examples as some of them come from people I truly admire, but they are there. At the Data Sharing Summit, OAuth was thrown into the mix of solutions to problems it had nothing to do with.
This is the first of our new occasional geek humor cartoons. They are all meant to be funny to a small group of people in the know, which in a way makes them even funnier. Of course I cannot draw if my life depended on it – I just write the concept and other talented people bring them to life. ‘OAuth Therapy’ was created by Christopher Carrasco.