- From: Nathan <nathan@webr3.org>
- Date: Thu, 05 Jul 2012 15:04:21 +0100
- To: Andrei Sambra <andrei@fcns.eu>
- CC: public-webid <public-webid@w3.org>, Read-Write-Web <public-rww@w3.org>
Hi Andrei, I've been looking at the MyProfile use case for delegated auth, and have one primary question, why is MyProfile doing the requesting and caching, could the user themselves, via a js application, not fulfil this roll, levering standard browser caching where needed - I'm unsure why the man-in-the-middle is needed? This has no bearing on whether a delegated auth is required or not generally, just interested to look at whether it's the only solution, and keen not to push traditional "app on the server" mentality when it isn't required, especially in a RWW context. Best, Nathan Andrei Sambra wrote: > Hello everyone, > > After yesterday's discussion with Henry and Mike Jones during the > teleconf, we decided to continue the thread "delegated authentication" > by providing real use cases, in order to better identify what needs to > be done. On the other hand, the issue of delegated authentication is not > specific to WebID, as it rather concerns access control. I am sure there > are more W3C groups (e.g. RRW) interested by this, so please try forward > this message to whom it may concern. > > I have added a use case specific to MyProfile to the existing > "Delegation" wiki page [1]. Please feel free to add more use cases > corresponding to your needs. > > Andrei > > [1] http://www.w3.org/wiki/WebID/Delegation#Use_cases > >
Received on Thursday, 5 July 2012 14:05:14 UTC