Stephen Paul Weber's dashboard

At this time, there are at least 31 people petitioning for OpenID support at Pownce. I think that most of us are more interested in using OpenID to login to our Pownce accounts, rather than using our Pownce URLs as OpenIDs.

http://demand.openid.net/site/pownce.com

!mmalone:

Authentication and Authorization are two discrete activities as you know. There's nothing barres you to use existing usernames (and let them be changed by user anyitme) while using OpenID for authorization.

OpenID and OAuth doesn't expose a conflict of interest in anyway...
While using OpenID for authorizing access to users for site access, it's perfectly possible to use OAuth for authorizing "on-behalf access" to API.

OAuth establishes a trust channel between the API provider and consumer. There's no point to involve "Identity Provider" after establishment of API trust binding. And there's no requirement in OAuth for API provider being also the Identity Provider... In contrast, OpenID access "requires" contacting OP whenever user claims an ID. So responsibilities are well defined in here.

API Provider creates the trust binding to a consumer with OAuth for one time than let's access by authenticating requests every time without user interaction. Whenever user decides to break the coupling, an interface of API provider helps the user to provision his/her request.

Real user access to site via OpenID is completely different though...
"Relying Party" (API provider web app in the former scenario) MUST request the proof of the ownership for claimed Identity everytime. So OP should be involved in every authorization action.

Technically OpenID and OAuth can have overlapping specifications but their use cases are completely different. No end-user should care about OAuth and access granting process shouldn't be more complex than just a confirmation screen. On the other hand, in OpenID access case, user should be aware of his/her "Identifier" URI to claim an identity.

It's nice to hear Pownce team are involved in the communities of both OpenID and OAuth. I'm sure this will foster a near-perfect implementation of both standarts in Pownce, over the time.

...But I think, -with current standards- deployment of these two technologies are not mutually exclusive in anyway.

While we continue to work on this, we've added an on-off toggle for PostRank that appears in the left pane of Google Reader, above "Add a subscription".

This has happened on both my home and work computers.

1. Dell P4, 2.8 GHz, 500 mb RAM, running Win XP Pro SP2
2. Mac Powerbook, 1 Gb RAM, I forget the CPU speed, running OS X Tiger

Both are running Firefox 3.0, using the Google Reader Greasemonkey script 2.0.

Right now on the Dell Firefox is using 97 mb of memory, and I've seen it get above 200! This was never the case before the new version of the script. Other coworkers that I've turned on to the extension report the same resource drain.

My Mac slows to a crawl. I pretty much can't use the script on it, which is ridiculous because it's a fantastic machine, albeit a few years old.

This is really bumming me out because I think this is the best thing ever to happen to Google Reader.

Are you still seeing issues with the official FF3 release and the latest version of the Google Reader extension?

first impression is that this is a great site for aggregating updates from multiple social sites but i'd need to be able to post status/microblog updates to all the same sites for me to make this the page that i manage my social networks through. if you could just combine the functionality of ST! and ping.fm you'd have everything i need. i'm sure you're already working on that since i see that i can post to facebook and twitter from it but the fact that i can post to a ton more from ping.fm tells me that there's still work to go on this site. good work on the user interface so far and best of luck with the site!

Our Brightkite API Beta is now available: http://blog.brightkite.com/2008/07/10...

Stephen, it does make sense. OpenID is used to authenticate on site A using credentials stored on site B. OAuth lets you authorize access to site A using credentials stored on site B. The two standards have many overlapping use cases.

In any case, implementing OpenID is non-trivial as it require significant changes to our auth system, login flow, and usernames. As Ariel said, we are involved in both the OAuth and OpenID communities and we're actively participating in discussions re: a proposed merger of the standards. Until some consensus/stability is reached on the scope/overlap of the two standards we won't be implementing OpenID. If things change in the future we may re-assess the situation.

This is the first thing I thought about when I looked this great extension. I would also love this feature.

This is the first thing I thought about when I looked this great extension. I would also love this feature.

At first it did not work for me when entered my Canadian mobile number properly in full (with the +1). I tried again with just ten digits and it worked perfectly. (This must be a bug of some sort.)

That makes absolutely no sense - it's *because* you're using OAuth that OpenID support should be easy.

Whatever, thanks for the answer, I'll keep looking.

The newest versions of the extension are now compatible with Firefox 3.