- From: Henry Story <henry.story@bblfish.net>
- Date: Sat, 9 Apr 2011 13:24:47 +0200
- To: WebID XG <public-xg-webid@w3.org>
- Cc: Andrei Sambra <andrei@fcns.eu>
On 9 Apr 2011, at 13:05, Henry Story wrote: > > 2. I think foafssl.org should be somewhat different from what it is now, in particular it should have a login landing page to show people what they are logging in under, and if possible allow them logout. The problem with an immediate redirect is that people never see where they are logging into. As a result they may automatically be logged into all sites with the same id. In fact this makes me think of a simple way we can get multiple logins with the current browsers - broken because of their inability to make it easy to see what certificate one is using on a page, and how to logout or change the auth. This is a rough idea that would need some tweaking. Let us say Site A does not have a WebID https layer and wants to login users with WebID. They point to site B that does a foafssl type login (but this one asking the user). If this is the first time the user logs in to that site he will get to choose a certificate. If he is already logged into that site pressing the "logout" button will send him to another foafssl type site where he will be asked for a new certificate. Since we can have any number of such sites, people can have a lot of logins. Henry Social Web Architect http://bblfish.net/
Received on Saturday, 9 April 2011 11:25:22 UTC