[Auth]kiosk login, etc.

[Ron Burk]

> 1) Do not want to have a client software package on the client machine, a=
> s this will not allow me to do single logon when I am using a kiosk, libr=
> ary, or friend's machine.

That's a problem this proposal deliberately does not cover.
(We should probably spell out the those things in the proposal.)

> Instead of having some software on your machine that holds the password e=
> tc, why not have a server that holds that data for you?

Why not leave that unspecified, as this proposal does? Client
software is free to allow you to tell it that your personal information
database resides on "a server" instead of the local hard disk.
If you regularly use multiple computers in multiple locations
(e.g., home and work), and you install the same client software
in both places, you could store your personal database on
some third-party machine (or just your home machine, if it's
up all the time and connected to the Internet).

The meta-answer is that your approach may be most useful input
for more complex dotGNU single logon solutions that handle
the "20%" problems, such as access from kiosks. A fundamental
premise of this proposal is that it focusses on utter simplicity in
order to have something that could be implemented by existing
players (vendors of password software and web page designers)
very quickly, with no reliance on anything like third-party servers.
Solutions whose priorities are different would likely involve some
scheme similar to what you suggest.


Ron Burk
HighTechInfo.com, www.hightechinfo.com