November 18, 2007 2:39pm

snellspace.com » Blog Archive » Identity and Authentication

Posted by michael.twofish tagged , , , and
Comments
I think it is well established that HTTP Authentication needs a major kick in the ass and OpenID and OAuth may get us most of the way there. However, until I see RFC#’s attached to both I’m hardly going to consider them to be complete. I propose the creation of an IETF WG on Identity and Authentication. The WG would be chartered to produce two RFC’s covering each of the two areas. OpenID and OAuth could be used to seed the WG effort.

September 24, 2007 12:00pm

Implementing WSSE authentication in WordPress

Posted by michael.twofish tagged , , and
Comments
I was excited to learn recently that the Nokia N73 can speak AtomPub, and that a friend of mine owns one. I thought I'd try to make it talk to the new AtomPub implementation in WordPress, but reading through the N73 documentation I found that it only supports WSSE authentication, and WordPress only speaks HTTP Basic Authentication. I'd never heard of WSSE, but Mark Pilgrim has a good write up on XML.com, and the Ape has the ability to speak WSSE, so I thought I'd implement it in WordPress. Bear in mind that I'm not writing this from a ...
[read more]

September 20, 2007 4:44pm

HTTP Basic Authentication, A Tale of AtomPub, WordPress, PHP, Apache, CGI and SSL/TLS - Joseph Scott's Blog

Posted by michael.twofish tagged , and
Comments
Hopefully everyone takes away two things from this. One, you can’t depend on HTTP basic authentication working. Two, if you aren’t using SSL/TLS then your traffic isn’t secure.
Page:  1