i liked the idea of a user being able to define a few settings for AUTH beyond simply the cert. http://webcivics.org/dev/ (use dummy data to access further) On Fri, 5 Feb 2016 11:08 PM Melvin Carvalho <melvincarvalho@gmail.com> wrote: > On 5 February 2016 at 12:58, Martynas Jusevičius <martynas@graphity.org> > wrote: > >> Question: why? Do we really need a new technology for this? >> > > Actually a great question! > > It was a response to this thread, which was brainstorming alternatives. > > https://github.com/solid/solid/issues/22#issuecomment-176833835 > > As someone that has used WebID+TLS every day for several years I dont see > a huge problem with it. I do think we can make better browsers tho, > particularly the open source ones. > >> >> >> On Fri, Feb 5, 2016 at 12:07 PM, Melvin Carvalho >> <melvincarvalho@gmail.com> wrote: >> > Alice wishes to authenticate on Bobs server. >> > >> > Alice sends her User: identity, and (optionally) a path to a "cookie". >> The >> > cookie is a resource that only Bobs server and Alice have access to. The >> > contents of the resource are a typical cookie with unguessable string >> and >> > expiry. >> > Bob's server compares the string sent from the browser and the string >> in the >> > file. If they match access is granted. >> > >> > >> > Any comments on this idea? >> > >
Received on Friday, 5 February 2016 12:15:12 UTC