- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Sun, 4 Aug 2013 23:43:39 +0200
- To: public-rww <public-rww@w3.org>, public-webid <public-webid@w3.org>
Received on Sunday, 4 August 2013 21:44:07 UTC
I was just thinking this could be a possible login use case 1. Go to a site sending your HTTP identity (e.g. via User Header) 2. Site requires authentication so sends a "Challenge" header 3. Using RWW add the following triple to your site <#me> <somevocab : challenge> "Challenge-String". 4. On update, refresh the page 5. The relying party will check your page for the challenge string, and when it finds it there, logs you in This is much like the common automated process where someone will ask you to 'verify your homepage' by making you add a string. With POST / PATCH / PUT technology perhaps it could all be automated allowing login without the of the relying party having to use TLS.
Received on Sunday, 4 August 2013 21:44:07 UTC