Comments by "Mikko Rantalainen" (@MikkoRantalainen) on "Interview With A Sr JavaScript Dev | Prime Reacts" video.

  1. Just like an experienced C developer saying "manual memory management and pointers are actually very simple".
    6
  2. "Always better than SAML". --- 100% agreed! SAML is about "we want to create auth system but we don't believe TLS works for encryption so we roll up our own" combined with "we don't believe transmitting data between servers so we use browser redirects to transmit packages between servers". Of course, SAML requires secure "metadata updates" which are transmitted over TLS so the security still depends on TLS! The bad part is that it's possible to build a working system on SAML and that's why it has never been totally killed of even today. OpenID Connect wins SAML in every possible way and is really easy to implement. And even OpenID Connect has extra crap like encoding data in base64 encoded JWT packages instead of simply using JSON to transmit data.
    1