W3C home > Mailing lists > Public > www-tag@w3.org > April 2002

Secure authorization protocol for WWW

From: David van Leerdam <davidvl@kabelfoon.nl>
Date: Thu, 11 Apr 2002 18:53:49 +0200
To: <www-tag@w3.org>
Message-ID: <000401c1e179$7447cec0$31432d3e@david>
Hello all,

First of all, I could not find a w3 mailinglist that came much close
to the subject of this message, so I decided to try and post it here.

I have seen the web usage change in a while. I see that a lot of
webapplications,
websites etc. require a user to logon to the service to start a session.
Of course this is done with a certain purpose. The web application can
not
identify the user without it, unless it uses cookies.
But cookies etc. are often cleared on a system and are not secure at
all.

So: why not write an open authorisation protocol that allows simple,
but secure authorisation of a user, stores all data on one centralized
location and solves these "problems"?

Your comments on this one would be greatly appreciated.

Sincerely,
David van Leerdam.
Received on Thursday, 11 April 2002 12:51:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:47:06 GMT