189 points udev4096 | 1 comments
wvh No.42138009
Identity, authn and authn are hard. A failure in the code, logic or at the seams messes up everything that it tries to protect. There are a few big commercial players trying to take the market with their "social login", and a few smaller (open-source) players trying to compete and survive, walking a fine line between open-source and open-core.

I feel this is one avenue where a few open-source players should get some solid funding and support from both the organisations and governments that use their software so we don't end up with unmaintained bug-riddled code and have to log in with Google or Facebook everywhere.

A lot of the government agencies I work with use open-source IdP software (because they have to privacy- and policy-wise), so some healthy funding model should be possible for people with the skill and interest.

1. pphysch No.42140612
> Identity, authn and authn are hard

They are technically straightforward problems. The challenge is usually political: who owns the identity, who manages the identity, privacy concerns of users, etc.

Authz can get crazy, there's a lot of over-engineered solutions there because there's basically no hard boundary between authz and general business logic.

But identity and authn are relatively straightforward, technically, and we ought to have a better FOSS solution than just Keycloak.