In another sign just how totally broken digital identity continues to be on the web, I’m finding out that @docker like to write its login credentials to ~/.docker/config — something they don’t tell you unless you look specifically. (“How in the world does ‘docker login’ followed by ‘docker push’ work?”) This credential information, of course, should reside in a client-side credential store accessible by all clients accessing the web on the user’s behalf — browsers, curl, iTunes etc and apparently ‘docker push’. And it needs to have tokens, and cookies, and passwords, and gpg keys and what have you. One single basket that we can watch really well. Not ~/.something/else.