Domain: a.com
Stories and comments across the archive that link to a.com.
Comments · 8
-
Re:It only authenticates... once?
When you, or SpammerX, type in 'larko.A.com' on B, B makes a connection to http://larko.a.com/, and downloads whatever's there. Depending on the information (openid.server in html head, Yadis document), B sends a HTTP Redirect back to the client browser, sending it over to A. The url might look something like http://a.com/openid/serverendpoint?openid.identit
y =http%3A%2F%2Flarko.A.com%2F. At this point, A can check a username/password combo, browser cookies, IP whitelist, biometrics, and/or any other method of authentication they desire, to determine whether you (or SpammerX) are the owner/controller of 'larko.A.com'. A username need not actually match 'larko' or 'larko.A.com', but it's handy. If the user is logged into A, and the user has given A the go-ahead to trust B with that knowledge, than A uses a HTTP Redirect to send the client browser back to B, along with a Diffie-Hellman signed assertation that the client does, in fact, own/control the resource at url specified, aka 'larko.A.com'. If A cannot make this asseration, (whether the user canceled it, didn't have credentials, etc) it returns openid.canceled to B, and B continues knowing nothing about the user.
There's a layer of indirection at the point where B fetches the specified URL, so an identity like 'examplevanitydomain.com' can delegate to 'example.A.com'. Also, the returned information from A to B need not be limited to just an true/canceled asseration, the SimpleRegistration extension shows how a subset of personal information that A knows can be returned to B. This could be a preferred nickname, or postal code, or whatever. All SREG fields are optional though.
-Alan -
Re:It only authenticates... once?
When you, or SpammerX, type in 'larko.A.com' on B, B makes a connection to http://larko.a.com/, and downloads whatever's there. Depending on the information (openid.server in html head, Yadis document), B sends a HTTP Redirect back to the client browser, sending it over to A. The url might look something like http://a.com/openid/serverendpoint?openid.identit
y =http%3A%2F%2Flarko.A.com%2F. At this point, A can check a username/password combo, browser cookies, IP whitelist, biometrics, and/or any other method of authentication they desire, to determine whether you (or SpammerX) are the owner/controller of 'larko.A.com'. A username need not actually match 'larko' or 'larko.A.com', but it's handy. If the user is logged into A, and the user has given A the go-ahead to trust B with that knowledge, than A uses a HTTP Redirect to send the client browser back to B, along with a Diffie-Hellman signed assertation that the client does, in fact, own/control the resource at url specified, aka 'larko.A.com'. If A cannot make this asseration, (whether the user canceled it, didn't have credentials, etc) it returns openid.canceled to B, and B continues knowing nothing about the user.
There's a layer of indirection at the point where B fetches the specified URL, so an identity like 'examplevanitydomain.com' can delegate to 'example.A.com'. Also, the returned information from A to B need not be limited to just an true/canceled asseration, the SimpleRegistration extension shows how a subset of personal information that A knows can be returned to B. This could be a preferred nickname, or postal code, or whatever. All SREG fields are optional though.
-Alan -
Linky
Wearable computing is a technology that simply hasn't come to maturity yet. Things need to get smaller. But as some further down this page have done lets look at the possibilities.
First, realize that the human body isn't designed to support any large quantity of hardware where most of the sensory organs are clustered, consequently we have to seperate the display from the CPU. The torso is an ideal place to put this sort of thing, both for weight purposes and for its relitivly easy access for the user (try typing on your head sometime).
As for applications, -
Gratuitous linkage
-
The people who hated it:
A LOT of people seem to have very much disliked this movie. This didn't annoy me until I talked to them, and now it does, a little. I don't mind people not liking a movie I liked, but from talking to a lot of such people i'm beginning to cynically suspect that almost everyone who really disliked Matrix Reloaded did so for one simple reason:
They walked into the movie expecting it to be Matrix 1 again, and it isn't. It's a different movie.
That may be a little unfair, but really, most of the people who hated Matrix Reloaded, you ask them why, and what they answer is that the movie basically failed to live up to the specific expectations they had coming in. Well, whatever. I *liked* the surprise of the general tack the movie took, and I for one actually realized before I walked in that it was just going to be a "fun action movie", so I was prepared for that. You know how I know? *BECAUSE THE TRAILERS MADE IT COMPLETELY FRICKING OBVIOUS* that it was going to be a straightforward action movie!
And I'm less sure about this, but: I think the main argument against it seems to be that they missed the "depth" of the first one. Except the second one had its own sort of depth, it just wasn't at all on the same subjects. The first one was full of this very interesting exploration of the meaning of reality. The second one didn't do this, becuase they'd already said everything they had to say on that subject (anyway, the entire second movie almost is spent in the Matrix, and they KNOW what the nature of reality is in the Matrix). The second one just tells a story, but arcing through that story is an also pretty interesting exploration of [mouseover for minor spoiler]. But a lot of people watched it *wanting* this to be an exploration of the nature of reality, and tried to interpret what depth there was as being depth about the nature of reality, from which viewpoint the plot movements seemed asinine and random, the philosophizing seemed irrelivant and trite, and the dialogue seems like bullshit shoehorned in so the movie would have "deep philosophical dialogue" in. But once you get the movie, it works really well. I think.
And it isn't like the ideas in the first one are the most brilliant, original things ever. It was just that the way they were *presented* was brilliant. In a way, the first movie was just an action movie with Plato's Cave as the star. The second movie was just an action movie with [mouseover for MAJOR spoiler] as the star.
(Note: I will acknowledge the second movie had a little bit of trouble getting its momentum started, and the beginning was a little disjointed, and I know that can ruin an entire movie for some people. But I think it redeemed itself pretty quickly..) -
Re:Red Flags for Red Hat
-
Ehhh?
-
Re:Linking to the site and the story