- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 9 Dec 2009 22:24:25 +0000 (UTC)
- To: Tyler Close <tyler.close@gmail.com>
- Cc: public-webapps@w3.org
On Wed, 9 Dec 2009, Tyler Close wrote:
> >
> > I think asking users to pass around secret tokens is a non-starter.
>
> Users pass around secret tokens all the time, they just don't realize
> that's what they're doing. I assume your statement above is actually
> meant to say: "I don't want users to see the secret tokens". That's
> fine. There are a number of ways of doing the GUI such that the user
> doesn't see the token. We did just such an example for Maciej's calendar
> scenario. For the above challenge, you specifically asked about the
> configuration of the server, not the GUI. We can move on to discussing
> the GUI if you're saying you have no problem with the server
> configuration. The permission grant and permission exercise phases are
> analogous to the previous Maciej calendar scenario, so we can reuse
> those diagrams for the explanation. Just substitute "feed reader" for
> "upcoming event" site, and "read feed" for "add event".
That still seems way too complicated.
Here's the UI I want:
- User logs into site A (the one with the service).
- User visits site B and says nothing unique to site B.
- User sees his data from site A on site B.
No secret tokens, no passwords other than the login for site A.
> I'll note that I am providing UMP solutions to challenge problems that
> meet arbitrary constraints placed on server and GUI. On the other hand,
> no one has offered a CORS solution to the printing a photo scenario that
> doesn't resort to using similar secret token techniques. AFAICT, there
> is agreement that use of secret tokens is a necessary technique, which
> is far from being a "non-starter".
I've never seen anything like the printing-a-photo scenario on the Web, so
I don't have a problem with it being significantly more complicated to
implement correctly than the shared ("semi-public") static resource case.
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 9 December 2009 22:25:04 UTC