WDAI principal contributions
-
Moving to distributed hypertext collections presents new distributed
authorization problems
-
WDAI provides a simple, portable solution that is compatible with today's
SSL-enabled browsers
-
WDAI doesn't impose any security policy
-
Simplified user administration. Documents server's don't share any
authentication secrets with browsers
-
Handling of authorization certificates without modifying existing SSL-enabled
browsers (DEMO)
Future work
-
Tartu: open source protototype of WDAI using the apache server and mod_ssl.
-
Delegation of authorization certificates between users
-
A language for expressing access control rules in EACLs and security
attributes in authorization certificates (IETF)
-
Your own contributions to the field!
WDAI home page
http://www.w3.org/People/Jose/wdai/