![]() Design is far too personal, and too subjective, to be given over to the whims and outrageous fancies of anyone with eyeballs in their head.Ĭall me elitist in this one aspect, but with all due respect to code artistes, it’s quite clear whether a function computes or not the same quantifiable measures simply do not exist for design and that critical lack of objective review means that design is a form of Art, and its execution should be treated as such.Ĭontinue reading “The problem with open source design” Author Chris Messina Posted on Jan 3rd Categories design, Open source, Philosophy, Raw Materials, Technology, The Web Arts, Usability, Web building, WordPress Tags design, Open source, Usability, ux, WordPress 15 Comments on The problem with open source design OAuth 1.0, OpenID 2.0 and up next: DiSo Indeed, I’d go so far as to wager that “open source design” is an oxymoron. I’ve probably said it before, and will say it again, and I’m also sure that I’m not the first, or the last to make this point, but I have yet to see an example of an open source design process that has worked. I see this is a tremendous opportunity for both WordPress and OAuth and am looking forward to discussing this opportunity - at least consideration for WordPress 2.7 - and tonight’s meetup - for which I’m now late! Doh! Author Chris Messina Posted on Jul 2nd Categories Citizen-centric Web, Open source, Technology, Web building, WordPress Tags api, authorization, oauth, WordPress, xml-rpc 3 Comments on Feature request: OAuth in WordPress The Existential DiSo Interview Machines).Īnyway, WordPress and OAuth are natural complements, and with popular support and momentum behind the protocol, it’s tragic to see needless reinvention when so many modern applications have the same problem of delegated authorization. There are plenty of benefits to going down this path, not to mention the ability to scope third party applications to certain permissions - like letting Facebook see your private posts but not edit or create new ones - or authorizing desktop applications to post new entries or upload photos or videos without having to remember your username and password (instead you’d type in your blog address - and it would discover the authorization endpoints using XRDS-Simple - Eran has more on discovery: Magic, People vs. Now, fortunately, folks within Automattic are supportive of OAuth, including Matt and Lloyd. It’s also going to be quite useful if folks want to post from, say, a Google Gadget or OpenSocial application (or similar) to a WordPress blog if the XML-RPC APIs are going to be off by default (given Google’s wholesale embrace of OAuth). The pieces are nearly in place, not to mention the fact that OAuth will pretty much be essential if WordPress is going to adopt OpenID at some point down the road. Heck, Stephen Paul Weber already got OAuth + AtomPub working for WordPress, and has completed a basic OAuth plugin for WordPress. There are a number of reasons why WordPress should adopt OAuth - and not just because we’re going to require it for DiSo. This topic hit the wp-xmlrpc mailing list where the conversation quickly devolved into spattering about SSL and other security related topics.Īllan Odgaard (creator TextMate, as far as I can tell!) even proposed inventing another authorization protocol. The argument is that this will make WordPress more secure out of the box - but the question is at what cost? And, is there a better solution to this problem rather than disabling features and functionality (even if only a small subset of users currently make use of these APIs) if the changes end up being short-sighted? In the past couple days, there’s been a bit of a dust-up about some changes coming to WordPress in 2.6 - namely disabling ATOM and XML-RPC APIs by default.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |