My favorite part:
Steem Login and signing service for safe and easy third-party app integrations.
I really hope they go with something like OAuth 2.0 and make it super easy and secure. Ideally, like other integrated sign ins, users should be able to see all the applications they've granted access to and easily revoke access at any time. There are too many integrations right now which ask for posting keys and that's not a good process going forward.
but problem is... that this is planned for Q3.
This is needed earlier! This should have greater priority.
The work is not instantaneous. We are working on it now. You can expect it live by Q3.
don't get me wrong. This is very important functionality and rushing on its development would not be very wise. Any error in this service can lead to some serious hack.
Nevertheless, for example if I had a choice to speed up a work on "SteemLogin", by giving up a possibility of having "iOS and Android Mobile Applications" in Q4, I would prefer to have "SteemLogin" earlier. Why because we already have working eSteem, and in a year from know it will be even better.
It goes without saying, that having SteemLogin implemented earlier will help all developers.
So by working on SteemLogin rather sooner than later, you will help us, help You :)
We expect mobile applications to be the vast majority of the usage of our site in the future. To deprioritize them in any way (imagine if we didn't have a website) is, in our view, a mistake.
They are very nearly our top priority. Native mobile applications also offer a lot of huge benefits around key management, too.
Some time ago I thought about key management with mobile devices. There is one great advanage about smartphones - they are in most cases online more offten than Desktop of avarage user.
Steemit cannot store keys on own server. At the beggining key is only stored by browser and in the backup (hopfuly).
I am wandering how SteemLogin would work, because without a key from user, transaction cannot be signed. Therefore, SteemLogin will be able to sign transactions for my only when my browser/application will be online.
But what if I trust my wife, sister, and mom enough to give them my keys? They could install SteemApp/SteemLogin app on their smartphones, and whenever there will be a transaction in the queqe awaiting for singing, then someone else could authorize this transaction for me.
With 3-4 trusted friends, I would have vary high availbility of my keys, which will be ready to sign transactions for me.
Moreover... I could even pay them some fee for signing transaction for me. Their smartphone work for me, so they could have a additionall possibility of earning money.
Of course as a pro-user I would also like to setup SteemLoginAgent on my remote server, but this is something would typical user will not able to do that. I would be much easier to avarage user to setup a mobile app to sign transactions for friends.
Hmm. I missed that. Yeah, would be great to have it much sooner than that.
agreed!
I love it man!