Re: Authentication Proposal -- Solid Cookies from Martynas Jusevičius on 2016-02-05 (public-rww@w3.org from February 2016)

From: Martynas Jusevičius <martynas@graphity.org>
Date: Fri, 5 Feb 2016 12:58:34 +0100
To: Melvin Carvalho <melvincarvalho@gmail.com>
Cc: public-rww <public-rww@w3.org>, public-webid <public-webid@w3.org>
Message-ID: <CAE35VmxVGou5OPU6ErqnRYmTDGZ2wPvcwnTZpURDGms5Roh=Ag@mail.gmail.com>

Question: why? Do we really need a new technology for this?

On Fri, Feb 5, 2016 at 12:07 PM, Melvin Carvalho
<melvincarvalho@gmail.com> wrote:
> Alice wishes to authenticate on Bobs server.
>
> Alice sends her User: identity, and (optionally) a path to a "cookie". The
> cookie is a resource that only Bobs server and Alice have access to. The
> contents of the resource are a typical cookie with unguessable string and
> expiry.
> Bob's server compares the string sent from the browser and the string in the
> file. If they match access is granted.
>
>
> Any comments on this idea?

Received on Friday, 5 February 2016 11:59:03 UTC