[Social] Re: Privacy-over-Webfinger Draft

social

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Social] Re: Privacy-over-Webfinger Draft

From:	Ben Laurie
Subject:	[Social] Re: Privacy-over-Webfinger Draft
Date:	Wed, 14 Jul 2010 14:47:34 +0100

On 14 July 2010 02:34, Blaine Cook <address@hidden> wrote:
> Attached is a[n early] and long-promised draft of a relatively
> insecure but easy-to-implement approach to decentralized authorization
> using webfinger. Feedback is most welcome, especially in the lead-up
> to the Federated Social Web summit in Portland this weekend.

What summit is this?

Anyway...

a) So much of the spec is out of scope, this doesn't really describe a
mechanism at all.

b) Webfinger is used, it seems, to do all-or-nothing delegation to the
Client. What about scoped delegation?

>
> For those concerned about security, don't despair, crypto can be
> layered on like maple syrup at a sugar shack. :-)

Not using HTTP throughout would probably be a good start.

>
> b.
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Social] Privacy-over-Webfinger Draft, Blaine Cook, 2010/07/14
- [Social] Re: Privacy-over-Webfinger Draft, Ben Laurie <=
  - [Social] Re: Privacy-over-Webfinger Draft, Blaine Cook, 2010/07/14
- [Social] Re: Privacy-over-Webfinger Draft, Brett Slatkin, 2010/07/19

Prev by Date: [Social] Privacy-over-Webfinger Draft
Next by Date: [Social] Re: Privacy-over-Webfinger Draft
Previous by thread: [Social] Privacy-over-Webfinger Draft
Next by thread: [Social] Re: Privacy-over-Webfinger Draft
Index(es):
- Date
- Thread