Authorization is a big issue for building an application. One of the issues I wanted to avoid is to limit myself to people who have Google GMAIL accounts. This talk describes the Google view of authorization, which is branded. This is important if you want to get to Google data (calendar, contacts, email, etc.). It is less important for App Engine applications that don’t access the user’s data from other applications.
Now, one of the reasons (obviously) to build on the App Engine platform is to integrate in with the Google environment and leverage the Google applications.
OpenSSL to produce RSA keys for verification.
OAth.net: – info on the OAuth open source authorization platform.
Includes a demo by Salesforce.com using Google’s AuthSub authorization tools.