- From: Mountie Lee <mountie@paygate.net>
- Date: Tue, 25 Jun 2013 09:49:36 +0900
- To: Huan Du <dh20156@gmail.com>
- Cc: Nils Dagsson Moskopp <nils@dieweltistgarnichtso.net>, whatwg@whatwg.org, "public-webappsec@w3.org" <public-webappsec@w3.org>, Kang-Hao Lu <kennyluck@w3.org>, ³ÌÛ¿·Ç <csf178@gmail.com>, һ˿±ùÁ¹ <yiorsi@gmail.com>
- Message-ID: <CAE-+aYKUSVz5inGQEvHtC3DfX6fS_ehAVor_9+MdG4cxp5YF4A@mail.gmail.com>
I think it is about not for standardization issue but for implementation issue. On Mon, Jun 24, 2013 at 7:06 PM, Huan Du <dh20156@gmail.com> wrote: > Hi Mountie, > > I think they are different experiences. we want a smooth solution. > > Regards, > Charlie > > > 2013/6/24 Mountie Lee <mountie@paygate.net> > >> for SSO, >> did you tried SAML or OAuth? >> >> >> On Sat, Jun 22, 2013 at 12:00 PM, Huan Du <dh20156@gmail.com> wrote: >> >>> Nils, >>> >>> Thanks for your feedback. >>> >>> There are 3 web sites in Alibaba at least: taobao.com, tmall.com, >>> etao.com. all of them are using a same account management system >>> including Sign up, Sign in. >>> >>> The requirement is simple for the account management system. when user >>> A signed in taobao.com, we expect A is signed in tmall.com and etao.com. >>> >>> Regards, >>> Charlie >>> >>> >>> 2013/6/22 Nils Dagsson Moskopp <nils@dieweltistgarnichtso.net> >>> >>>> Huan Du <dh20156@gmail.com> schrieb am Fri, 21 Jun 2013 19:49:39 +0800: >>>> >>>> > As privacy awareness becomes prevelant, the trend is that future >>>> > browsers are going to ban third-party Cookies by default. >>>> > >>>> > This is a good thing for users, but for giant internet companies, >>>> > this has no doubt increases the difficult and complexity of >>>> > implementing user session synchronization. >>>> >>>> I have a suspicion that the only thing that cannot be done easily >>>> without cookies is tracking – that is, pretending that a user has an >>>> account, but ensuring that she has not made that choice consciously. >>>> >>>> Everything else, so it seems to me, can be done RESTful. Am I wrong? >>>> >>>> > Is it possible to, like Cross-Origin Resource Sharing, allow a site to >>>> > indicate which domains it would like to share Cookies with? >>>> > >>>> > The user account management system of Alibaba have encountered this >>>> > issues and been troubled by this issue. It there's a proposal like >>>> > this, it would be very nice. >>>> >>>> Can you elaborate? Why would an account management system need sessions? >>>> >>>> -- >>>> Nils Dagsson Moskopp // erlehmann >>>> <http://dieweltistgarnichtso.net> >>>> >>> >>> >> >> >> -- >> Mountie Lee >> >> PayGate >> CTO, CISSP >> Tel : +82 2 2140 2700 >> E-Mail : mountie@paygate.net >> >> ======================================= >> PayGate Inc. >> THE STANDARD FOR ONLINE PAYMENT >> for Korea, Japan, China, and the World >> >> >> > -- Mountie Lee PayGate CTO, CISSP Tel : +82 2 2140 2700 E-Mail : mountie@paygate.net ======================================= PayGate Inc. THE STANDARD FOR ONLINE PAYMENT for Korea, Japan, China, and the World
Received on Tuesday, 25 June 2013 00:50:25 UTC