3 Jul 00:41
Re: [OpenID] OpenID and SSO
From: Hans Granqvist <hans <at> granqvist.com>
Subject: Re: [OpenID] OpenID and SSO
Newsgroups: gmane.comp.web.openid.general
Date: 2008-07-02 22:41:25 GMT
Subject: Re: [OpenID] OpenID and SSO
Newsgroups: gmane.comp.web.openid.general
Date: 2008-07-02 22:41:25 GMT
Not sure what you argue, sorry. The RP decides when to force re-authentication, but also lets the user self-logout whenever if it so wishes. Isn't that is how web sites that use cookies for authentication work today? On Wed, Jul 2, 2008 at 1:08 PM, SitG Admin <sysadmin <at> shadowsinthegarden.com> wrote: >> when needed (a la "Good Morning, Alice. If you are not Alice, >> click here.") > > And if I'm not Alice, but merely have access to her computer? > > "Good morning, unknown user. We think you are Alice, and will treat you as > such unless you, as a potential infiltrator, decide to admit that you > actually aren't Alice." > > -Shade >
RSS Feed