On 9/5/06, Ivan Krstić <[EMAIL PROTECTED]> wrote:
> > Hmm... I don't really understand the entire system you are proposing,
>
> Say Moodle is running on the school server, and wants to authenticate
> me. I'm a kid with an OLPC laptop, in range of the school server. I go
> to the Moodle login page. My browser sees that I'm talking to the school
> server which is whitelisted, and automatically detects the login page
> (which includes a nonce), submitting the signed nonce back. Moodle now
> has a signature blob that it needs to verify against the user database
> on the machine, but which it does not manage. So it spawns off a simple
> HTTP GET to some port on localhost, where an identity broker is running;
> the broker takes the signed blob and the user's purported identity,
> verifies the signature, and returns either a "nay" or an "aye, here's
> information about the user" response. Make sense?

Sounds good to me. Who should I be talking to if I want to integrate
with such a scheme?

cheers,

martin
_______________________________________________
Sugar mailing list
[email protected]
http://mailman.laptop.org/mailman/listinfo/sugar
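
The exchange described in the quoted message, as an added Go example (not code from the thread, from Moodle or from OLPC): the login page issues a nonce and accepts it only once, and the broker alone checks the signature against the user database. Assumptions: Ed25519 as the signature scheme, the broker called as a function instead of over the HTTP GET on localhost, and the names `User`, `Broker`, `Pending`, `Challenge` and `Login`, which are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

type User struct { // returned on an "aye"; the fields are assumptions
	Name string
	Key  ed25519.PublicKey
}

type Broker map[string]User // stand-in for the broker and its user database

func (b Broker) Verify(id, nonce string, sig []byte) (User, bool) {
	u, ok := b[id]
	if !ok || !ed25519.Verify(u.Key, []byte(nonce), sig) {
		return User{}, false // "nay"
	}
	return u, true // "aye, here's information about the user"
}

type Pending map[string]bool // nonces the login page issued and has not yet seen back

func (p Pending) Challenge() string {
	buf := make([]byte, 16)
	rand.Read(buf) // crypto/rand; cannot fail on Go 1.24+, check the error on older releases
	n := fmt.Sprintf("%x", buf)
	p[n] = true
	return n
}

// Login accepts each nonce once, so a captured reply cannot be replayed.
func (p Pending) Login(b Broker, id, nonce string, sig []byte) (u User, ok bool) {
	if p[nonce] {
		delete(p, nonce)
		u, ok = b.Verify(id, nonce, sig)
	}
	return
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed key pair
	page, broker := Pending{}, Broker{"kid": {"Constructed User", pub}}
	n := page.Challenge()
	u, ok := page.Login(broker, "kid", n, ed25519.Sign(priv, []byte(n)))
	fmt.Println(u.Name, ok)
}
```

The service side never touches a key: it only tracks which nonces are outstanding and relays the identity, nonce and signature to the broker.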