Comment 7 for bug 532055
Revision history for this message
| Leonard Richardson (leonardr) wrote Re: Trusted credential-management apps are broken and doomed | #7 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Good points.
We're never going to require a special client-side app. The browser-based authentication that has worked from the beginning will continue to work. (For a text-only server you'll have to set up a credential ahead of time and copy it over.) The point of the client-side app is to reduce the number of times the average user has to authenticate using their browser.
"the option to send an http-authenticated request with username and password to create a token" -- how do you envision this working? Is there already a standard for this? Maybe the username is your OpenID identity URL and the password is the one you got from your OpenID provider? Does Launchpad send the password to the identity URL to verify it?