Steve Moyer <[EMAIL PROTECTED]> says... > No doubt this is true, however there are many legitimate reasons for > site developers TO share information in this way. One prime example > would be a "universal login" facility. Site A could hold usernames and > passwords in trust. A user would log into site A, and site A could > then post to the "Universal Object" a key which would essentially say > "this user is authenticated by site A". Sites B, C, and D could then > accept this authentication and grant access based on it without the > need for cumbersome and time-consuming authentication procedures of > their own. > > The user wins because they need to remember only ONE username and > password to get access to everything on the net. Sites B, C, and D win > because they are unburdened of the necessity to implement and maintain > authentication systems of their own. Erm...are you on drugs? When, exactly, did it become logical to allow clients to authenticate themselves? Or allow any website you happen to go to to figure out your name and password?
