Confirmed users
1,059
edits
Labs/F1: Difference between revisions
→OAuth Privacy/Security
| Line 121: | Line 121: | ||
=== OAuth Privacy/Security === | === OAuth Privacy/Security === | ||
[http://oauth.net/ OAuth] is a way of authenticating/connecting users with services while not requiring the remote services to hold the passwords of the users service. The system is not perfect and there is a lot we can do to help improve it. | |||
==== Write Only OAuth ==== | ==== Write Only OAuth ==== | ||
Many sites like Twitter, Facebook, and Google(GMail) do not allow for a write-only OAuth permission. In order to send something on behalf of a person we need to obtain read/write permissions to their accounts. | |||
Part of our role should be to encourage sites to have a write-only permission such that the security and privacy impact of connecting via OAuth is greatly reduced. | |||
==== OAuth to Share ==== | ==== OAuth to Share ==== | ||
Many sites implement an OAuth share system that connects their site directly to sites like Twitter for sharing links. This system is slow and gives sites much too much power and access to a users information. | |||
Sites want to keep users from being redirected to other sites for sharing as they often lose users by redirecting them. F1 has the same goals in mind in regards to the problems with the [[#Usability|usability]] of share systems. | |||
=== Sharing Privacy === | === Sharing Privacy === | ||