[iRail] Authentication and online identity management - thoughts

Pieter Colpaert pieter at iRail.be
Sat Jul 28 00:03:45 UTC 2012

Hi all,

Context: for iRail 3.0, we're building a single sign on system for all
applications built at iRail. This means you will have one identity which
is connected to all iRail apps. What we are building can be viewed in
(pre-)alpha stage over here: https://id.iRail.be.

Yesterday I came across an interesting read concerning identity
management, single sign-on systems and OAuth [1]. It pretty much states
that OAuth2.0 failed doing what it should have done.

Building further upon OAuth2.0 seems like a bad idea in the long run for
PlugID [2]. Concerning iRail 3.0 and https://id.iRail.be, I still think
OAuth is the way to go as there won't be any de facto standard
alternative any time soon. For the open-source project PlugID I think we
should slowly start to look at viable alternatives, such as WebID [3].

What are your thoughts on this one?

[1] http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/
[2] http://github.com/iRail/PlugID
[3] http://www.w3.org/wiki/WebID

Kind regards,


iRail vzw/asbl
+32 (0) 486/747122

More information about the iRail mailing list