idAuth Proposal, Take 2
After some feedback, I revised my idAuth proposal [original post, first proposal] to include a better end-user experience, via cookies.
idAuth Proposal, Take 2 (OpenOffice)
idAuth Proposal, Take 2 (Word)
blog comments powered by Disqus
Ads
Add New Comment
Viewing 3 Comments
Thanks. Your comment is awaiting approval by a moderator.
Do you already have an account? Log in and claim this comment.
Do you already have an account? Log in and claim this comment.
I'm not a member of SID, so not sure what's being discussed, but the cookie idea can be problematic since the blog comment system will be unable to read cookies set by the aggregator (unless they are in the same domain). This is why federated auth systems implement an intermediate redirect, passing encrypted information in the querystring and ultimately two cookies get set, one in each domain. (Or backend web-service calls are made.)
Do you already have an account? Log in and claim this comment.
Thanks!
I understand the cookies are going to be a problem, and I'm aware that there are a few domain restriction workaround attempts, but I wanted to have somewhere to start. How it actually works (from a technical perspective) is going to be part of the process...
In the same vein, I want to specifically avoid a "true" auth system, at least for now, because of the high-cost of the user experience... I don't want this to be used by the tech elite. I want this to be used by grandma. ;-)
--Kyle
Do you already have an account? Log in and claim this comment.
The idAuth idea plays nicely with the "commenter's bill of right" posted over at Disqus. To enforce these rights, a system of definitive comment ownership is needed.
http://bigheadlabs.com/~daniel/draft/acommenter...
Things are headed in the right direction!
Add New Comment