[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]The simplest thing that can possibly work

From: Jeremy Petzold
Subject: Re: [Auth]The simplest thing that can possibly work
Date: 15 Jul 2001 14:25:51 -0700

with such a system, we could use SHTTP to protect the information especialy if 
we use XML-RPC since it relies on HTTP. would that be a good Idea or does it 
limit us? 

On Sun, 15 July 2001, Norbert Sendetzky wrote:

> On Sunday 15 July 2001 20:35, you wrote:
> Ron, you are damn right!
> We have to keep it small and simple, but what we must not do (never!) is to 
> create a protocol that we have to break, if we want to extend it.
> On the implementation side I think we can do this (like you mentioned) with 
> normal data tranfers and HTTP posts. But we must define a protocol how user 
> data is requested because this doesn't exist until now. If websites require 
> user name and password, they do it by displaying a form (somewhere in the 
> html code) which is different on each site. You can not detect what 
> information the form is awaiting. We definitly need something (a protocol) 
> that let us know, what we have to do.
> I think about a few requirements to archive this simplicity:
> 1.) We can expect that a server-side language is available on the web server, 
> because if not, they are not able to process the information today
> 2.) Our protocol should be in text format, because this is easy to parse
> 3.) Maybe we can use XML; parsers are available in most server-side languages
> A possible example:
> Request from a website:
> <dotgnu action="request" origin="">
>    <auth>
>       <item>name</item>
>       <item>password</item>
>    </auth>
> </dotgnu>
> Reply from the client after the user has accepted the transmission (this time 
> or in the past):
> <dotgnu action="reply">
>    <auth>
>       <name>me</name>
>       <password>verysecret</password>
>    </auth>
> </dotgnu>
> It is simple and could be easily extended, e.g. by CC information or a 
> certificate or ...
> Other opinions?
> Norbert
> _______________________________________________
> Auth mailing list
> address@hidden


Find the best deals on the web at AltaVista Shopping!

reply via email to

[Prev in Thread] Current Thread [Next in Thread]