Link roundup for 3/30/08

By Ben Gross
in

The theme of today’s link roundup is about obtaining access to data you may have stored on one web-based service from another web-based service or an application. The name “data portability” is becoming a popular label for this type of interoperability. As the data people store in online services with Google, Microsoft, Yahoo, and other services becomes increasingly valuable, issues of access, authorization, and authentication are growing in importance. This is a story in three parts. First, a cautionary tale, second, an argument that services should provide authenticated access to this information, and third a recently released API from Google that does just that.

Your Email Password: A True Horror Story About Why We Need Authentication Standards: Marshall Kirkpatrick at ReadWriteWeb writes a cautionary tale about the G-Archiver application whose author presented the application as a way to archive a Gmail account and siphoned off users passwords on the side.

Data Portability, Authentication, and Authorization: Niall Kennedy wrote a nice overview of the issues involved in providing data portability with secure access, the technologies available, and a set of best practices.

3. 2. 1. Contact. The API has landed: Google announced an officially supported API to access contact information stored at Google that is shared between a number of services including Gmail and Calendar. All access to the contact information is authenticated. Google provides its standard authentication mechanisms that can either be used by web applications or by desktop applications.

Published March 30, 2008