[foaf-dev] Re: Oauth
Anthony Steele
anthony.steele13 at ntlworld.com
Wed Mar 26 12:36:33 GMT 2008
On 25.03.2008 17:59:33, Julian Bond wrote:
>I feel like I'm missing something here. oAuth was built specifically to
>enable non-browser agents and non-UI applications to have good
>authentication. And it feels like you're re-inventing oAuth. And I'm not
>sure why.
I've read a biy on oAuth now, and while I think there's a lot of good ideas in it that I can use to conditionally protect foaf data, it doesn't seem to be designed to addres the scenario that I had in mind.
from http://oauth.net/core/1.0/
Definitions:
Service Provider:
A web application that allows access via OAuth.
User:
An individual who has an account with the Service Provider.
Consumer:
A website or application that uses OAuth to access the Service Provider on behalf of the User.
The problem is that if I want to access your foaf data on server A, this states that I need an account on server A.
I don't want that, not requiring such an account is the basic problem hat I have turned to openId et all in order to get away from.
Perhaps I will just ignore that requirement, and allow openAuth tokens to be issued to anyone who appears in a friends list.
Thanks
Anthony
-----------------------------------------
Email sent from www.virginmedia.com/email
Virus-checked using McAfee(R) Software and scanned for spam
More information about the foaf-dev
mailing list