Authentication integration: Difference between revisions
* Applications outside openhatch.org should not be able to use this system to gain information about users. (They might be able to use ''other'' mechanisms, but not this one.)
* These applications don't have to be particularly securely maintained. (Specifics...?)

m_stone's notes:
* You should plan to rotate authenticators.
* Maybe use separate HMAC keys for separate "apps"?
* I'm a bit nervous about having splittable cookies. Maybe add an index cookie? (fun link: [http://wiki.laptop.org/go/Canonical_JSON canonical json])
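
An added example, not part of the original wiki page or of m_stone's notes: one way to act on the three notes above, assuming the "splittable cookies" concern is that separately signed cookie values could be mixed between sessions. The app names, key ids and secrets are constructed, and the serialization is a simplified stand-in for the linked Canonical JSON.

```python
import base64, hashlib, hmac, json

# Constructed demo secrets keyed by key id; real keys belong in a secret store.
MASTER_KEYS = {"k1": b"old-demo-secret", "k2": b"new-demo-secret"}

def _b64(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def app_key(kid, app):
    # Separate HMAC key per app, derived from the master key, so one app's
    # key cannot produce authenticators that another app accepts.
    return hmac.new(MASTER_KEYS[kid], b"app:" + app.encode(), hashlib.sha256).digest()

def canonical(fields):
    # Deterministic bytes for the MAC: sorted keys, no whitespace.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()

def _mac(kid, app, payload):
    # One MAC over the key id and every field, so no field can be split off.
    return hmac.new(app_key(kid, app), kid.encode() + b"." + payload, hashlib.sha256).digest()

def issue(app, fields, kid):
    payload = canonical(fields)
    return ".".join([kid, _b64(payload), _b64(_mac(kid, app, payload))])

def verify(app, token, accepted_kids):
    # accepted_kids is the rotation window: drop a key id to retire it.
    try:
        kid, payload_b64, mac_b64 = token.split(".")
        payload, mac = _unb64(payload_b64), _unb64(mac_b64)
    except ValueError:
        return None
    if kid not in accepted_kids or kid not in MASTER_KEYS:
        return None
    if not hmac.compare_digest(mac, _mac(kid, app, payload)):
        return None
    return json.loads(payload)
```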

== Overview ==