[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Auth]A simple serverside authentication scheme
From: |
Norbert Bollow |
Subject: |
Re: [Auth]A simple serverside authentication scheme |
Date: |
Tue, 17 Jul 2001 11:54:00 +0200 |
I wrote:
> > Don't overlook the problem that this approach requires
> > server-side resources (such as bandwidth, hardware, sysadmin
> > time).
Adam Theo <address@hidden> replied:
> actually, i really don't see bandwidth or even CPU resources being even
> a big issue here. even with thousands of users, the effects of a simple
> server-side model would be small.
We're talking about more than just a couple thousand users.
Microsoft is saying that there are 200,000,000 (yes, 200
million) accounts on their passport system already.
> may be true, i don't know enough about it. but just because MS uses a
> 100% server-side, centralized, authoritarian system, no need to not
> consider *anything* that uses a server.
We need to consider every reasonable proposal. Perhaps even
start implementing several proposals.
But with server-side systems we need to do the math first to
make sure that the system won't be killed by its success.
> IMO, it will *have* to be a server-side system. let's just make sure it
> is distributed and not centralized.
As the long term solution, we're building a system that can be
used client-side or server-side (at the user's sole discretion),
and when it's used server-side, it will be a true distributed
system.
For short-term solutions, well if some people believe that
plug-ins are the way to go, and others believe that server-side
is the way to go, then maybe both sides should go forward
with implementing their proposed solutions.
I really believe that Ron's suggestion is the way to go, and
going forward with implementing it should not be delayed just
because you and some others think that a server-based system
would be better.
> plug-ins won't work. for one, they are only browser-based.
Why is this a problem for the short-term solution?
> two, they are traditionally slow to be accepted by users.
Yes, people have a reluctance to install a plug-in. That needs
to be considered.
But aren't we specifically going for the people who have a
reluctance to entrust personal data to any server-side system
(Microsoft's)? It will be difficult to convince them that our
server-side system is more trustworthy than Microsft's.
It'll be an easier sale IMHO to convince them that our system is
better because their data stays in their own PC.
> three, there is no industry wide standard for making plug-ins
> (they are different from browser to browser).
This is not a big problem, as the number of browsers with high
market share is small.
Greetings, Norbert.
--
Norbert Bollow, Weidlistr.18, CH-8624 Gruet (near Zurich, Switzerland)
Your own domain with all your Mailman lists: $15/month http://cisto.com
Business Coaching for Internet Entrepreneurs ---> http://thinkcoach.com
Tel +41 1 972 20 59 Fax +41 1 972 20 69 address@hidden