3rd
Dawn of OpenID, Rise of OAuth
Recently, I have been watching some blogs and sites, and I noticed this protocol called OAuth. Being a person that likes to study the technologies that involve digital identity, I went into the OAuth page, read the guide of OAuth from Hueniverse and after that I read the specification of the protocol.
As it seems the main purpose of OAuth is just to give authorization to consumer sites to access a user’s data on the Service Provider, this without the user handling the username/password pair to the Consumer. As they say in the Hueniverse page, OAuth is the valet key, this key affords some rights, but it does not necessarily give you privilege to do _everything_ (nice metaphor if you ask me).
So everything is nice and dandy with OAuth, I like it; however I can’t see OAuth becoming just the valet key of the web, but also an identity system (less flexible than OpenID). I say this because, at the end, people won’t mind using their own URL, Twitter account or Gmail account to provide an identity in the Web. I know that probably this was not the intention of OAuth, but is just what works best at hand against OpenID.
One of the indicators I’m basing myself on, is the (Google) trends of the Internet on the OpenID/OAuth subject. I’m just starting to see the deprecation of OpenID (to be honest I thought this wouldn’t happen for at least 2 years, however the web is moving really really fast this days). Do you think both protocols can live together in a long time period? If so I would invite you to convince me, I really want to believe that :-).
