Re: A simple login use case using RWW without needing TLS

I like this idea, only needing webid authorization with your homepage, and
proving you have that authorization with a quick write.

Though, does your turtle page ([given site uri]+"/card" right?) become
cluttered with challenge strings?
On Aug 4, 2013 11:44 PM, "Melvin Carvalho" <melvincarvalho@gmail.com> wrote:

> I was just thinking this could be a possible login use case
>
> 1. Go to a site sending your HTTP identity (e.g. via User Header)
>
> 2. Site requires authentication so sends a "Challenge" header
>
> 3. Using RWW add the following triple to your site
>
> <#me> <somevocab : challenge> "Challenge-String".
>
> 4. On update, refresh the page
>
> 5. The relying party will check your page for the challenge string, and
> when it finds it there, logs you in
>
> This is much like the common automated process where someone will ask you
> to 'verify your homepage' by making you add a string.  With POST / PATCH /
> PUT technology perhaps it could all be automated allowing login without the
> of the relying party having to use TLS.
>

Received on Monday, 5 August 2013 15:26:25 UTC