Now I read people flipping out about "Google tokens" and how it's gonna become an SSO system. And I don't know the truth either way, but let's again let y'all look at the facts and make a decision.
Here's a quick presentation of what I've read online (again, I don't know anything about this stuff): The thought is it'd be nice to use your gmail/talk credentials to log into other sites. But you don't want to give your gmail password to random pages. So somebody looked at some packet captures and saw that Talk logs in by sending your username/password over an SSL connection to a login server, gets a token in response, and then uses that token as your credentials with the Talk server. Therefore, they realized, third parties could let you prove your identity by using your token (and checking it against Talk to verify) without requiring your password!
Dear readers: will this work? Would you trust such a system with your data?