The whole issue of not having to put your password in for another
service to extract your details, ie Gmail to discover your friends for
a social network, seems like a good one to forward onto the Policy
group (this post is for them, so cc'ing them).
I like how Terrance puts it:
> This is exactly the anti-pattern we should be trying to discourage by
> using standards like OAuth. It separates authentication and
> authorization. As it is now, whatever service you give your credentials
> to becomes you - and you're trusting them not to store/forward your
> password and/or be malicious (delete your stuff). It's unnecessary and
> unsafe.
People should have the right to not compromising their security and
identity, when porting their data.
http://groups.google.com/group/dataportabilityactiontechnical/browse_thread/thread/246121352dad8fec
Good one.