[OpenID] Very Rough Authentication API
Stephen Paul Weber
singpolyma at gmail.com
Mon Jul 30 22:54:07 UTC 2007
Hello lists!
I have been reading the specs on API auth systems such as OpenAuth, WSSE,
Facebook API, Google AuthSub, and others. Based on this reading and my
experiences implementing different auth systems, I have created a draft for
a generic third-party API auth system that will work fine with OpenID,
username/password, or anything else <
http://webos.singpolyma.net/Authentication/TEP>.
I'm sending this also to the OpenID list, not only because this draft
will work well with OpenID, but because many people in the OpenID community
have a lot of experience in security! You guys have done an excellent job
of more than doubling my understanding of online security issues since I
first joined this list. I would readlly appreciate any feedback on
holes/potential holes in my draft.
Thanks so much,
Stephen Paul Weber <http://singpolyma.net/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070730/2e1b4534/attachment-0001.htm>
More information about the general
mailing list