OpenID Inline Authentication Extension 1.0 Draft 1
Martin Atkins
mart at degeneration.co.uk
Mon Sep 3 07:44:09 UTC 2007
John Ehn wrote:
> The Inline Authentication Extension attempts to solve the problem of
> legacy and interactive applications (Telnet/SSH) that are unable to
> launch a client Web Browser to perform an authentication request.
>
> http://extremeswank.com/openid_inline_auth.html
>
> This is done through the use of "verification keys", which are
> provided either as needed by the OpenID Provider, or provided on a
> rotating basis from a hardware crypto device, or a key generating
> token (SecurID).
>
Hi John,

This is a good, well-written spec. It seems that it could be at home
alongside OpenID HTTP Authentication[1] and possibly Signature Request
Protocol[2], though I've not quite figured out exactly how they relate
to one another yet. I think there may be some overlap between SRP and
Inline Auth, since they are effectively trying to solve much the same
problem.

However, I'm wondering if Inline Auth addresses some or all of the
concerns I described on the Signature Request Protocol wiki page. I'll
look at this in more detail later, but if you'd like to comment that'd
certainly make my life easier. :)

[1] http://openid.net/wiki/index.php/OpenID_HTTP_Authentication
[2] http://openid.net/wiki/index.php/Signature_Request_Protocol