Loading ...
Sorry, an error occurred while loading the content.

3819Re: [decentralization] De-centralizing single sign on.

Expand Messages
  • Wesley Felter
    Sep 2, 2001
      On Sun, 2 Sep 2001, Chris Hanson wrote:

      > Single sign-on needs a system where you authenticate to your
      > authentication provider, provide other parties with an authentication
      > token of some sort, and have your provider validate that token.
      > (This is the Kerberos model.)

      Passport does this...

      > I've been wondering if this might be possible with cookies somehow;
      > the problem is that cookies only get sent to the site that set the
      > cookie.

      ...using cookies, redirects, and some swiss numbers IIRC.

      (A "swiss number" is an unguessable random number, which can come in handy
      in surprisingly many situations. I will also head off the nit-pickers by
      pointing out that "unguessable" and "random" are very tricky concepts that
      have caused sleepless nights for many a cryptographer.)

      Wesley Felter - wesley@... - http://felter.org/wesley/
    • Show all 25 messages in this topic