DISCLAIMER: this work represents the author's own opinions and not necessarily those of W3C or of INRIA.


WDAI is a proposal for a simple and general infrastructure for distributed authorization on the World-Wide Web. Under WDAI, browsers and servers exchange authorization information using X.509v3-based authorization certificates.

Here's a bird's view of WDAI:

The goals of WDAI are the following:

Provide a simple and general authorization infrastructure for distributed hypertext systems

Project history

Oct 1998: Idea for WDAI occurs while attending ApacheCon'98 (Apache developers conference)

May 1998: Paper presented at WWW8: "WDAI: a simple W3 distributed authorization infrastrcture"

Summer 1998 (expected): Tartu, a prototype implementation of WDAI using Apache, mod_ssl, open SSL, and your favorite browser.

Previous work


CAMWWW is an earlier work I developed during my PhD (to be honest, CAMWWW is the name of the prototype I built, rather of the project, but it's a simple way to refer to it). I developed a non nominative capability-based access control model adapted for distributed hypermedia systems. In CAMWWW, access rights to documents are set up according to the properties of hypertext document collections. Access information is exchanged between browsers and servers using a propietary self-contained capability, inspired from the ECMA-238 standard. I built a prototype using Mosaic/PGP and the NCSA httpd server. My plan was to release it but the NSA (Never Say Anything) put pressure on the NCSA folks and made them retire Mosaic/PGP from the public distribution. Mosaic/PGP was just a patched Mosaic which had hooks for calling PGP or PEM. It didn't include either of those tools, so it was a pity it was "destroyed."

WDAI is different from CAMWWW in that it doesn't impose any security policy and that it can be used with standard SSL-enabled browsers.

Here's some of the on-line references on CAMWWW (I have a couple more, but I don't have time to put all of them here today).


... are welcome!

For the moment, I'm the only one working on WDAI and I only work on it during my free time, after work hours.

Contact info


W3C/INRIA, ZIRST 655, av. de l'Europe, 38330 Montbonnot Saint Martin FRANCE