W3C home > Mailing lists > Public > public-rww@w3.org > February 2016

Authentication Proposal -- Solid Cookies

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Fri, 5 Feb 2016 12:07:19 +0100
Message-ID: <CAKaEYhK4vy-Q6UEnUL7otcD_=qH_5h1=u=ekUgG7=jxGBmoM-g@mail.gmail.com>
To: public-rww <public-rww@w3.org>, public-webid <public-webid@w3.org>
Alice wishes to authenticate on Bobs server.

   1. Alice sends her User: identity, and (optionally) a path to a
   "cookie". The cookie is a resource that only Bobs server and Alice have
   access to. The contents of the resource are a typical cookie with
   unguessable string and expiry.
   2. Bob's server compares the string sent from the browser and the string
   in the file. If they match access is granted.

Any comments on this idea?
Received on Friday, 5 February 2016 11:07:55 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:10:52 UTC