Re: Logging out from Facebook

On 25 Sep 2011, at 13:17, Tim Berners-Lee wrote:

> In that case, let's mock up a UI which would work,
> define what it does, and then we can lean on browser vendors and who knows?
> 
> It took a long time to get the padlock icon changed to the name of the cert holder
> but I think we only said in talks, didn't give a mock-up of what it would look
> like.
> 
> How do you imagine the browser UI for really logging out?

In the paper we point to the following work by Aza Raskins who used to work at Mozilla:
 
  http://www.azarask.in/blog/post/identity-in-the-browser-firefox/

You can click on the images to get them in big.


> A sidebar or toolbar with a list of the places where you are currently logged in?
> Wouldn't it just be huge?

From Aza Raskins' dialogues it seems pretty good looking. If you go to a web site and log out
from the tab, then the browser should just stop sending any cookies and tis sessions from that site.
Of course there could be leakages of sessions in the URLs, which would need a lot of thinking of, but it seems like the right way to go.

Henry


> 
> On 2011-09 -25, at 07:10, Henry Story wrote:
> 
>> 
>> 
>> On 25 Sep 2011, at 12:24, Jeni Tennison wrote:
>> 
>>> Hi,
>>> 
>>> Interesting read about how Facebook (and possibly other services) doesn't actually log you out (as in remove your identifying cookies) when you "log out".
>>> 
>>> http://nikcub.appspot.com/logging-out-of-facebook-is-not-enough
>> 
>> yes, that is why we argued that cookies and SSL sessions should be completely user controllable in the browser.
>> 
>> http://www.w3.org/2011/identity-ws/papers/idbrowser2011_submission_22/webid.html
>> 
>> 
>> 
>>> Jeni
>>> -- 
>>> Jeni Tennison
>>> http://www.jenitennison.com
>>> 
>>> 
>> 
>> Social Web Architect
>> http://bblfish.net/
>> 
>> 
>> 
> 

Social Web Architect
http://bblfish.net/

Received on Sunday, 25 September 2011 11:25:54 UTC