2 ways to single identification, and both jabber
Do we want a single registration - yes, of course.
“Let's centralize registration” - what could be simpler and ... more limited.
Firstly, I have to register (register all the same!) On the provider's website.
Secondly, remember another login and password.
Thirdly enter this login and password.
- the old dull search and comparison of 2 keys in the database. Just the bases now intersect (by the way, I suppose there are problems with this).
Fourthly, openID may look like this “beautiful”: technorati.com/people/technorati/username
E-mail
Funny, most of the options for getting openID themselves require identification - by E-mail.
E-mail has long been the basis of any identification, as the author of the article Instant Mail and Life Without Passwords correctly noted.
And again, I correctly noted that the mail interface is inconvenient for authorization on the site. So something else is needed, and this is Jabber.
practically the only popular open protocol. Openness allows you to use it in your applications. One may speak about the problem of switching ICQ users to jabber, but it’s time to understand that jabber is a promising technology for building text-command interfaces (hereinafter JCI ), and ICQ, Skype, and so on. Protocols are nothing more thangeneral craze :) social misunderstanding.
Therefore, it is time to turn jabber into an authorization standard. This is already there and is being used - you can feel it at http://juick.com/ .
- that's what should become the norm (in terms of ease of access).
It should be noted that juick uses a radical approach: only JCI, and the web interface is completely absent, respectively, and authorization on the site is not needed here.
We are accustomed to the web interface. JCI is good, perhaps with the development of clients, we will no longer need the web interface, but now we need it (in some places). The authorization algorithm using jabber is very simple.
0. Add a contact (for the first time).
1. We send a command for authorization from jabber (preferably common for all servers *, for example WI)
2. A link comes from the jabber server.
3. We follow the link, the server provides access to the web interface.
No registration, no passwords, and access to the web interface is obtained.
This is a different authorization method, it is not based on the comparison of 2 keys from the database.
The second option (there are two of them in the title of the article) is the reverse one - an authorization request from the site (enter JID), and confirmation in jabber.
Personally, I like the first method, because it eliminates the need to deny authorization if someone decides to hack your account.
What do we have
openID
“Let's centralize registration” - what could be simpler and ... more limited.
Firstly, I have to register (register all the same!) On the provider's website.
Secondly, remember another login and password.
Thirdly enter this login and password.
- the old dull search and comparison of 2 keys in the database. Just the bases now intersect (by the way, I suppose there are problems with this).
Fourthly, openID may look like this “beautiful”: technorati.com/people/technorati/username
Funny, most of the options for getting openID themselves require identification - by E-mail.
E-mail has long been the basis of any identification, as the author of the article Instant Mail and Life Without Passwords correctly noted.
And again, I correctly noted that the mail interface is inconvenient for authorization on the site. So something else is needed, and this is Jabber.
Jabber!
practically the only popular open protocol. Openness allows you to use it in your applications. One may speak about the problem of switching ICQ users to jabber, but it’s time to understand that jabber is a promising technology for building text-command interfaces (hereinafter JCI ), and ICQ, Skype, and so on. Protocols are nothing more than
Therefore, it is time to turn jabber into an authorization standard. This is already there and is being used - you can feel it at http://juick.com/ .
- that's what should become the norm (in terms of ease of access).
It should be noted that juick uses a radical approach: only JCI, and the web interface is completely absent, respectively, and authorization on the site is not needed here.
We are accustomed to the web interface. JCI is good, perhaps with the development of clients, we will no longer need the web interface, but now we need it (in some places). The authorization algorithm using jabber is very simple.
0. Add a contact (for the first time).
1. We send a command for authorization from jabber (preferably common for all servers *, for example WI)
2. A link comes from the jabber server.
3. We follow the link, the server provides access to the web interface.
No registration, no passwords, and access to the web interface is obtained.
This is a different authorization method, it is not based on the comparison of 2 keys from the database.
The second option (there are two of them in the title of the article) is the reverse one - an authorization request from the site (enter JID), and confirmation in jabber.
Personally, I like the first method, because it eliminates the need to deny authorization if someone decides to hack your account.
')
Source: https://habr.com/ru/post/53484/
All Articles