W3C home > Mailing lists > Public > www-tag@w3.org > April 2002

Secure authorization protocol for WWW

From: David van Leerdam <davidvl@kabelfoon.nl>
Date: Thu, 11 Apr 2002 18:53:49 +0200
To: <www-tag@w3.org>
Message-ID: <000401c1e179$7447cec0$31432d3e@david>
Hello all,

First of all, I could not find a w3 mailinglist that came much close
to the subject of this message, so I decided to try and post it here.

I have seen the web usage change in a while. I see that a lot of
websites etc. require a user to logon to the service to start a session.
Of course this is done with a certain purpose. The web application can
identify the user without it, unless it uses cookies.
But cookies etc. are often cleared on a system and are not secure at

So: why not write an open authorisation protocol that allows simple,
but secure authorisation of a user, stores all data on one centralized
location and solves these "problems"?

Your comments on this one would be greatly appreciated.

David van Leerdam.
Received on Thursday, 11 April 2002 12:51:19 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:32:31 UTC