Comment 1 for bug 532055
Revision history for this message
| Gary Poster (gary) wrote Re: Trusted credential-management apps are broken and may be doomed | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Leonard and I discussed this with Jonathan Lange, Launchpad product strategist, today.
- We do still want to support being an openid consumer. (This is practically less important to us than other goals, but it is planned and desired nonetheless.)
- This means that, yes, the fake browser approach is doomed. We need to communicate this.
- We are in favor of the "management" desktop application that gets the one-time LP credentials. As of our current thinking, we would expect to support this with three parts.
* We would create and expose an API for the management desktop application to use to control the access of other programs.
* We would create a special standalone type of access for a user to grant to the management application. The management application would need this type of access to use the API discussed above.
* We would make a special webpage for this management desktop application to send the user to for granting this kind of access. The webpage would want to be particularly careful in its language, warning the user what is going on.
- I am marking this as a low priority, but if an Ubuntu developer begins work on the management desktop application, in coordination with Jonathan and other interested parties, we will raise the priority.