Introduced at WWDC in early June, the login button via an Apple ID sees some of its aspects challenged by the OpenID Foundation - a nonprofit organization precisely controlling many aspects of this type of method. authentication.
In an open letter to Craig Federighi, vice president of software development at Apple, the organization points to certain shortcomings of the Cupertino company regarding the OpenID Connect service guidelines, which is widely used by the " Sign In " feature. with Apple ".
Flaws to be filled
Always in the test as part of the beta of iOS 13, iPadOS and macOS 10.15, Sign In With Apple obviously has homework to do before being able to be dubbed by the OpenID Foundation. In fact, the organization blames Apple for having " widely adopted " their OpenID Connect protocol for its service, while allowing some freedoms.
And these freedoms precisely would ensure that the login button via Apple ID is not as widely adopted by websites as are similar features from Facebook or Google for example.
But that's not all. According to the OpenID Foundation, the freedom of interpretation of the code of OpenID Connect by Apple could pose security problems and risks concerning the protection of personal data.
The Avengers of the secure connection
To summarize, the OpenID Foundation intimate to Apple to solve the various problems formulated here, and to declare publicly that Sign In With Apple is interoperable with sites using OpenID Connect.
Last but not least: OpenID Foundation simply asks Apple to join the organization, where PayPal, Microsoft, and Google already sit.
Apple has not made known its response to the various points raised by the organization, but still has a few months to comply ... or not.
0 Comments