Archived for posterity from the Extensible Web Summit, 2014-04-04, San Francisco, California:
Identity
How can distributed networks contribute to identity
Simplify the problem as much as possible
Try only to solve the smaller problems individually, don't do auth+identity+whatever
-Need browser to show something to the user to authenticate with the serve
Similar to a "login" web intent
User clicks a button on site to login,
Browser confirms from user
WebID - is it really dead?
Could have a protocol that does nothing other than get a token and give it to the site.
Sort of Login Intent.
navigator.login()
=> Promise<Token>
Token is a crytographically strong string
Browser prompts user for confirmation and choice of identity service.
Identity service returns either a token or a redirect
If a token then you're good to use that
If a redirect, the browser shows the URL redirected to. The IDP can use this as a way of loging in
The browser hashes the token and the origin and returns that as the Token.
navigator.logout() is needed
Should there be shared or replaced localStorage or IndexedDB
Archived for posterity from the Extensible Web Summit, 2014-04-04, San Francisco, California:
Identity
Simplify the problem as much as possible Try only to solve the smaller problems individually, don't do auth+identity+whatever
-Need browser to show something to the user to authenticate with the serve
User clicks a button on site to login, Browser confirms from user
WebID - is it really dead?
Could have a protocol that does nothing other than get a token and give it to the site. Sort of Login Intent.
navigator.login()
navigator.logout() is needed
Should there be shared or replaced localStorage or IndexedDB
https://github.com/jden/web-login