Seemless Single Signon

Sam Ruby rubys at
Fri May 20 07:44:25 PDT 2005

Martin Atkins wrote:
> Sam Ruby wrote:
>>  From the user's point of view, they are the ones authoring the post. 
>> Why do they need to give themselves permission to do so?
> They don't give themselves permission, they give the ID server 
> permission to assert their identity. LiveJournal's ID server has a "Yes; 
> never ask me again" option which allows future assersions on the same 
> site without agreeing again.
> The idea here is to stop sites checking on users without their 
> permission. It's true that their ability to do this is limited -- they 
> can only check for specific IDs, rather than asking "who is logged in?" 
> -- the concern is there.

/me scratches his head.

The actual question is "was X authored by Y?".

What's to stop me from asking multiple times?  And why would you want to 
stop me from asking this question?

I feel like I am missing something obvious here.

> It's likely that ID servers will provide the option for certain users to 
> never be asked for permission again for any site, at which point they 
> will never see the approval page again.

In the AJAX or classic fallbacks, I can see some value in not even 
allowing the creating of the iframe, etc; but we are talking about the 
browser plugin seemless single signon here, right?

- Sam Ruby

More information about the yadis mailing list