Loading ...
Sorry, an error occurred while loading the content.

3820Re[2]: [decentralization] De-centralizing single sign on.

Expand Messages
  • Simon Fell
    Sep 2, 2001
    • 0 Attachment
      If you want to come up to speed on how passport works, then the slides
      from Keith Brown's presentation on passport at conference.NET are
      available from


      Sunday, September 02, 2001, 7:52:15 PM, you wrote:

      > On Sun, 2 Sep 2001, Chris Hanson wrote:

      >> Single sign-on needs a system where you authenticate to your
      >> authentication provider, provide other parties with an authentication
      >> token of some sort, and have your provider validate that token.
      >> (This is the Kerberos model.)

      > Passport does this...

      >> I've been wondering if this might be possible with cookies somehow;
      >> the problem is that cookies only get sent to the site that set the
      >> cookie.

      > ...using cookies, redirects, and some swiss numbers IIRC.

      > (A "swiss number" is an unguessable random number, which can come in handy
      > in surprisingly many situations. I will also head off the nit-pickers by
      > pointing out that "unguessable" and "random" are very tricky concepts that
      > have caused sleepless nights for many a cryptographer.)

      > Wesley Felter - wesley@... - http://felter.org/wesley/

      > To unsubscribe from this group, send an email to:
      > decentralization-unsubscribe@egroups.com

      > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
    • Show all 25 messages in this topic