Re: Authentication Proposal -- Solid Cookies from Kingsley Idehen on 2016-02-05 (public-webid@w3.org from February 2016)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Fri, 5 Feb 2016 06:49:24 -0500
To: Melvin Carvalho <melvincarvalho@gmail.com>, public-rww <public-rww@w3.org>, public-webid <public-webid@w3.org>
Message-ID: <56B48C44.5090506@openlinksw.com>

On 2/5/16 6:07 AM, Melvin Carvalho wrote:
>
> Alice wishes to authenticate on Bobs server.
>
>  1. Alice sends her User: identity, and (optionally) a path to a
>     "cookie". The cookie is a resource that only Bobs server and Alice
>     have access to. The contents of the resource are a typical cookie
>     with unguessable string and expiry.
>  2. Bob's server compares the string sent from the browser and the
>     string in the file. If they match access is granted.
>
>
> Any comments on this idea?
>

How do Alice and Bob create this cookie? How do that control access to
said cookie? How many cookies come into existence as the contact network
membership of both individuals grows?

-- 
Regards,

Kingsley Idehen       
Founder & CEO 
OpenLink Software     
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Friday, 5 February 2016 11:49:50 UTC