W3C home > Mailing lists > Public > public-rww@w3.org > October 2011

Re: Easy auth and ACL?

From: Henry Story <henry.story@bblfish.net>
Date: Thu, 6 Oct 2011 20:42:22 +0200
Cc: public-rww@w3.org
Message-Id: <CFF5C5C8-30AF-440D-A5E6-E599B0446714@bblfish.net>
To: Danny Ayers <danny.ayers@gmail.com>

On 6 Oct 2011, at 20:07, Danny Ayers wrote:

> The other day I had yet another bunch of brilliant app ideas... but
> there were stumbling blocks I've hit before. Areas I haven't a clue
> about.
> 
> The user management bit - ok, I know how to model this in RDF using
> named graphs - but the wire-level stuff really does seem hard work.
> 
> Ok, practical scenario:
> 
> you've got a CMS, and -
> 
> 1. you want to make sure the user's data is safe (in their terms, they
> have control)
> 2. you wish to make it user friendly
> 
> In my head I want WebID, but when it comes to coding it up it seems
> non-trivial.

What is your problem there in coding it up? It's really quite short.
Please let us know so we can help and improve the documentation.

> Earlier I asked a friend who builds Web sites for a living what she
> did: this stuff she codes from scratch every time, uses ASP sessions
> (whatever they are) and essentially passes passwords over in plain
> text.
> 
> As far as I can tell, the best bet for passing the password initially
> would be over HTTPS - maybe do the password/email dance. Thereafter
> HTTP Digest.
> 
> But my goal here is to be able to mass produce apps, I *don't* want to
> have to think it through again every time.
> 
> Suggestions?
> 
> Cheers,
> Danny.
> 
> -- 
> http://dannyayers.com
> 

Social Web Architect
http://bblfish.net/
Received on Thursday, 6 October 2011 18:42:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 30 April 2012 12:56:00 GMT