OAuth 1.0 release may offer safer mashup opportunities
Posted by Bill Gaffney | October 4th, 2007
The team working on Open Authentication have released the final draft of the OAuth 1.0 spec.
If you are unfamiliar with OAuth, let me borrow their analogy. Think of it as a valet key to your car. It's a special key that offers limited access and control to the attendant, allowing him to fulfill his responsibilities while protecting the vehicle. OAuth would work the same way for your online identity.
An open protocol to allow secure API authentication in a simple and standard method from desktop and web applications. [oauth.net]
Fidelity Investments offers an online service dubbed Full View, powered by Yodlee, Inc. It allows you to view various assets and liabilities in a single place. Mint offers a dressed up version, but I feel it lacks the confidence-building familiarity and trust. To fully leverage either service, however, you need to provide usernames and passwords for all accounts listed. Truthfully, this service is read only, so why should it have write or execute privileges? That is where OAuth could come in.
Obviously, adoption is key to the success of this project. This could pave the way for a standardized means for applications to access services without users needing to share a username and password with them.
With security concerns marginalized (never eliminated), mashups and APIs could allow a level of interaction as yet unseen.









