Re: WebID proxy?

On 20 July 2012 17:39, elf Pavlik <perpetual-tripper@wwelves.org> wrote:

> Excerpts from Melvin Carvalho's message of 2012-07-20 15:13:38 +0000:
> > On 20 July 2012 16:59, Henry Story <henry.story@bblfish.net> wrote:
> >
> > >
> > > On 20 Jul 2012, at 15:26, elf Pavlik wrote:
> > >
> > > > Hello,
> > > >
> > > > Hearing lately some discussions on delegation and proxies, I started
> > > thinking about proxy which would enable me to use WebID without need to
> > > have any private keys on client machine I may happen to use. One could
> use
> > > some other system - possibly pass phrase based - for authentication and
> > > than proxy would hold some secondary private key, which could also have
> > > more restricted permissions on chosen services.
> > > >
> > > > I look here for more flexibility in case someone wants to use friends
> > > computer just to RSVP to an event or similar cases with rather low
> security
> > > requirements...
> > >
> > > Use OpenId with one time passwords perhaps?
> > >
> >
> > Sure WebID can fall back to OpenID, BrowserID, SAML, username/password
> etc.
> I didn't mean 'fall back' to something other then WebID on a service
> provider side. Service could offer WebID only authentication and access
> control, while I would connect from a client machine without any client
> certificates through this 'WebID proxy' which could hold my 'client certs'
> and do WebID dances with service providers. I hope I express myself little
> more clearly this time :)
>

Yes this is what henry built.  You sign in to his service and it sends a
one time verification token to the relying party which lets you in.  I
think foaf.me still works that way.

This mechanism can be extended to any kind of login, much like oauth.


>
> ~ elf Pavlik ~
>