[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]simplest design

From: Norbert Sendetzky
Subject: Re: [Auth]simplest design
Date: Mon, 16 Jul 2001 11:01:21 +0200

Hash: SHA1

> "protocol" sounds somewhat sophisticated to me.

Protocol means only an arrangement, how the data is accessed. This can be 
simple (password => secret) or really complex (OSI Layer 4)

> What exactly does the simplest possible useful solution
> require? Well, it requires you (web page designer) to
> tell me (Mr. Plugin) whether you want me to use GET
> or POST, and it requires you to tell me what personal

I prefer POSTs only. Otherwise all can see your password in the address bar.

> information fields you're asking for. Let's make things
> really nice for Mr. web page designer, and say that
> you can also specify alternative names for our
> "standard" fields. That's about it!

With aliases, you add complexity, where you don't need it.

> The main abstract work here is defining a schema
> for the personal information. I really don't think there's
> any chance of getting this perfect on the first try,

We can if we make it right. That's only a matter of using our brains.

> Yeah, I think(!) that's exactly what I'm thinking.
> The only problem I have with your example is that
> you're replying in XML. Why?

XML extensibe and very simple to parse. Have you ever tried to write a parser 
for a simple linux config file (key value #comment)?
We can also give the website programmer a parser, which returns a simple 
array. This code snip will only be 10 lines long.
Nice, easy and fast!


Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see


reply via email to

[Prev in Thread] Current Thread [Next in Thread]