Re: [Auth]The simplest thing that can possibly work

dotgnu-auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]The simplest thing that can possibly work

From:	Jeremy Petzold
Subject:	Re: [Auth]The simplest thing that can possibly work
Date:	15 Jul 2001 14:25:51 -0700

with such a system, we could use SHTTP to protect the information especialy if 
we use XML-RPC since it relies on HTTP. would that be a good Idea or does it 
limit us? 

On Sun, 15 July 2001, Norbert Sendetzky wrote:

> 
> On Sunday 15 July 2001 20:35, you wrote:
> 
> Ron, you are damn right!
> We have to keep it small and simple, but what we must not do (never!) is to 
> create a protocol that we have to break, if we want to extend it.
> 
> On the implementation side I think we can do this (like you mentioned) with 
> normal data tranfers and HTTP posts. But we must define a protocol how user 
> data is requested because this doesn't exist until now. If websites require 
> user name and password, they do it by displaying a form (somewhere in the 
> html code) which is different on each site. You can not detect what 
> information the form is awaiting. We definitly need something (a protocol) 
> that let us know, what we have to do.
> 
> I think about a few requirements to archive this simplicity:
> 1.) We can expect that a server-side language is available on the web server, 
> because if not, they are not able to process the information today
> 2.) Our protocol should be in text format, because this is easy to parse
> 3.) Maybe we can use XML; parsers are available in most server-side languages
> 
> 
> A possible example:
> 
> Request from a website:
> <dotgnu action="request" origin="www.dotgnu.org">
>    <auth>
>       <item>name</item>
>       <item>password</item>
>    </auth>
> </dotgnu>
> 
> Reply from the client after the user has accepted the transmission (this time 
> or in the past):
> <dotgnu action="reply">
>    <auth>
>       <name>me</name>
>       <password>verysecret</password>
>    </auth>
> </dotgnu>
> 
> 
> It is simple and could be easily extended, e.g. by CC information or a 
> certificate or ...
> 
> Other opinions?
> 
> 
> Norbert
> _______________________________________________
> Auth mailing list
> address@hidden
> http://dotgnu.org/mailman/listinfo/auth

Regards,

Jeremy
Find the best deals on the web at AltaVista Shopping!
http://www.shopping.altavista.com

[Prev in Thread]

Current Thread

[Next in Thread]

[Auth]The simplest thing that can possibly work, Ron Burk, 2001/07/15
- Re: [Auth]The simplest thing that can possibly work, John, 2001/07/15
- Re: [Auth]The simplest thing that can possibly work, Norbert Sendetzky, 2001/07/15
- Re: [Auth]The simplest thing that can possibly work, Norbert Bollow, 2001/07/16
  - Re: [Auth]The simplest thing that can possibly work, Norbert Sendetzky, 2001/07/16
    - Re: [Auth]The simplest thing that can possibly work, Norbert Bollow, 2001/07/16
    - Re: [Auth]The simplest thing that can possibly work, Norbert Sendetzky, 2001/07/17
    - Re: [Auth]The simplest thing that can possibly work, John, 2001/07/16
- Re: [Auth]The simplest thing that can possibly work, Jeremy Petzold, 2001/07/15
  - Re: [Auth]The simplest thing that can possibly work, Norbert Bollow, 2001/07/16
- Re: [Auth]The simplest thing that can possibly work, Jeremy Petzold <=

Prev by Date: Re: [Auth]a list of what we need the personal Data system to do.
Next by Date: Re: [Auth]a list of what we need the personal Data system to do.
Previous by thread: Re: [Auth]The simplest thing that can possibly work
Next by thread: [Auth]USB key fob?
Index(es):
- Date
- Thread