i liked the idea of a user being able to define a few settings for AUTH
beyond simply the cert.
http://webcivics.org/dev/
(use dummy data to access further)
On Fri, 5 Feb 2016 11:08 PM Melvin Carvalho <melvincarvalho@gmail.com>
wrote:
> On 5 February 2016 at 12:58, Martynas Jusevičius <martynas@graphity.org>
> wrote:
>
>> Question: why? Do we really need a new technology for this?
>>
>
> Actually a great question!
>
> It was a response to this thread, which was brainstorming alternatives.
>
> https://github.com/solid/solid/issues/22#issuecomment-176833835
>
> As someone that has used WebID+TLS every day for several years I dont see
> a huge problem with it. I do think we can make better browsers tho,
> particularly the open source ones.
>
>>
>>
>> On Fri, Feb 5, 2016 at 12:07 PM, Melvin Carvalho
>> <melvincarvalho@gmail.com> wrote:
>> > Alice wishes to authenticate on Bobs server.
>> >
>> > Alice sends her User: identity, and (optionally) a path to a "cookie".
>> The
>> > cookie is a resource that only Bobs server and Alice have access to. The
>> > contents of the resource are a typical cookie with unguessable string
>> and
>> > expiry.
>> > Bob's server compares the string sent from the browser and the string
>> in the
>> > file. If they match access is granted.
>> >
>> >
>> > Any comments on this idea?
>>
>
>