Comment 17 for bug 532055

Martin Pool (mbp) wrote : Re: Trusted credential-management apps are broken and doomed

> Leading an initiative for a non-browser OpenID protocol is interesting but, given all the other work we have on our plate, a "Won't Fix."

I agree.

> Keeping our current authentication-through-the-browser story, augmented with a desktop application that can have the browser authentication happen once, and handle permissions by proxy afterwards, is an approach that works with the current state of the art for OpenID and OAuth. I believe it will be reasonable and sufficient for our use cases.

From Leonard's comment in #7 it seems like the only reason to do this is so that the user gets a "do you want to allow this" in a GUI window rather than in a browser. That seems like an extremely marginal improvement to me, so I don't think this is worth the complexity. It does not increase security and it doesn't help people on non-Ubuntu or non-GUI platforms. But there's no point having an extended argument about whether it's Low or Wishlist. Maybe this bug should be retitled?

If I was going to work on this (which I probably won't), I'd improve launchpadlib so it can do the "please authenticate now" in a GUI dialog and automatically detect when the form's been submitted (like some other GNOME OAuth clients), or I would do user:password authentication as in #11. But they can be separate bugs, also wishlist :)