[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Auth]all AIS is supposed to be

From: david nicol
Subject: [Auth]all AIS is supposed to be
Date: Wed, 10 Jul 2002 00:58:06 -0500

a framework for extending an authentication realm.

The nature of the authentication that is used by the realm
is orthogonal to AIS. Passwords, v-codes, retinal scans, AIS
does not care how the AIS server figures out who the user is, it
just defines a protocol used for passing a ticket by way of
the user, and then opening up a back-channel through which
the ticket is exchanged for the identity.

I don't have a https cgi-bin to play with at this time so
my demonstration is all sniffable, but if the demonstration
scripts were put in a SSL web server and the aissri changed
accordingly and the client altered to support https (perhaps
by using LWP instead of composing a http/1.1 request right
there in a hereis string) it should work fine.

So that's all it ovelaps with.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]