Network working group Pradeep Kumar Xplorer
Internet-Draft
Intended status: Standards Track Individual
Expires: May 3, 2017 Dec 3, 2016
Single SignON solution to WWW seen as one Giant computer and use of
a smartcard where a phone SIM can be inserted to authenticate
draft-pkx-wwwogc-07
Abstract
The document describes a SingleSignON solution to WWW seen as one Giant
computer. As WWW use increases, on average an user has many service login
accounts they have to manage. It would be better for most users at the
expense of some security risk to have one password for all the services and
a WWW shell and a control panel. Also the WWW as an intelligent being could
show information to an user interpreting their needs from all their accounts.
A smartcard could have a phone SIM slot and phone devices and computers can
have smartcard slots and email user should be able to allow login only by insertion
of smartcards.A smart card can be programmed with user details and a session
manager software can be used to allow the user to login / create and use many services.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 24, 2017.
Pradeep Kumar Xplorer Expires May 3, 2017 [Page 1]
Internet-Draft Single SignON to WWW seen as one Giant Computer Dec 3, 2016
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction ............................................... 2
2. Background ..................................................2
3. General Information of the service ..........................2
4. Authors Addresses ...........................................5
5. Acknowledgements ............................................5
1. Introduction
To implement a Single SIgnON solution to WWW seen as one Giant computer
that would help navigate and use the WWW more easily, making passwords
more manageable and WWW navigation more intuitive. THis is a precursor to
futuristic project of Information as a bird that flies to the users.
2. Background
CUrrently as a user i have multiple WWW services, i have a
hosting account explodingmoon.org and email as pradeep@explodingmoon.org
and email service from hotmail.com, and yahoo.com and i have a
kasikorn K-cyber bank account, i have an account with cheaptickets.com
that i have not used and i can retrieve and reactivate the password,
i have two accounts with facebook. All accounts are used by me by using
different usernames/userids and passwords. There might be several other
services that i have registered and tried and never used and i do not
remember any of these. If i can just authenticate with WWW and access
all these serives seamlessly without typing in a password, that would
lead to a better User experience and would be more time efficient.
3. General Information of the service
I want to propose a WWW service that allows a WWW navigator to access all his
authenticated services by logging just once. I want to propose a Valid registered
email address as Single SignON key, or a WWW navigators primary email as WWW Single
SignON Id. So lets say it is pradeep@explodingmoon.org.
Pradeep Kumar Xplorer Expires May 3, 2017 [Page 2]
Internet-Draft Single SignOn to WWW seen as one Giant computer Dec 3, 2016
I want to propose concept of authentication ID. The authentication ID for an email
service is just the email ID. But there could be many different levels of
authentication needed to be authorized to perform operations in the WWW, or
your desktop. I have a hosting account and access to a control panel in my hosting
service, thats a username and password to an application of the hosting service.
Or it could be an application that I installed in my domain, like a blogging
software. I can propose a domainname and domainname/Filename/ where the application
is installed. But authentication ID can be numerous depending on the Operating
systems and kinds of software.So in my case now , I want to see my email
pradeep@explodingmoon.org as my primary email id and my SingleSignON Id.
I have a hosting account in bluehost.com, and a control panel user and password,
I have an additional secondary email @explodingmoon.org
pradeepkumarxplorer@explodingmoon.org. I have email services in hotmail.com,
pradeepan88@hotmail.com, a b2evolution blogging software loaded in
http://www.explodingmoon.org/FCSP with a username pradeepkumarxplorer
and a password.
Right now theres no way for an Information publisher to know who is accesing his
or hers website other than their IP addresses. This has been a problem for me as
a publisher. I wanted to be able to configure my website and say only authenticated
users can view my information. So if a user Helena@athens.net accesses my
information site, right now I would see an IP address used in Athens Internet
Service providers. I should be able to see the SingleSignON Id of Helena@athens.net
using a visitor tracking software. And by making a query to a WHois database or
some other Application level tool I should get more info about Helena@Athens.net.
I should be able to allow or disallow a user to my website at the HTTP daemon level.
So I propose two classes of WWW navigators, Authenticated and anonymous.
I can configure my website to allow anonymous users as well.
The browser is a common internet application and most users use some publicly
available services for email, or services of banks, eshops, travel planning etc.
Public meaning the domainames are advertised and can be obtained as part of
Information retrieval searches, Wellsfargo.com, cheaptickets.com etc..
A User should be able to either browse anonymously or as an authenticated user.
When a User browse anonymously he or she should be restricted to see some
contents in the WWW.
The WWW should be seen as one Giant Computer. The desktop that you see on
Your device should be known as the WWW desktop.
A browser should have a Userid and Password field or user can proceed to
browse anonymously.
When i log into a computer, i should be able to invoke an Action to
Authenticate to WWW Desktop.
Pradeep Kumar Xplorer Expires May 3, 2017 [Page 3]
Internet-Draft Single SignON to WWW seen as one Giant computer Dec 3,2016
The URL field should have next to it a UserName textfield and a Password
TextField.
There should be toggle button which shows who the browser user is, an
Authenticated user or an anonymous user.
The Desktop and the browser can be configured to accept the Desktops
Sessions Username and Password as the WWW Desktops Username and password!.
If you are registering for first time, you create a Unique WWW User id
that would somehow linked to an external authentication.
Lets say i am able to register to the WWW as Pradeep.
My WWW id is Pradeep@Desktop.WWW
If Pradeep@Desktop.WWW never logs into internet again for two years,
how would you locate Pradeep@Desktop.WWW . So in the registration there should
be something that links Pradeep@Desktop.WWW to a Non internet realm.
Pradeep's travel document or finger print id or retinal scan or
that Pradeep carries an Unique Obsidian from California.
So the User can browse as anonymous or as an Authenticated User with
other attributes.
In this design it is only Anonymous and Authenticated.
The Single SignON eliminates the need to login multiple times.
Lets say I have chosen pradeep@explodingmoon.org as my primary email id or
SingleSignON id. Registering for pradeepan88@hotmail.com and pradeep@yahoo.com
Would be easy and just need one button click.
I am adding these concepts WWW shell
I propose a WWW shell, where I can do many operations related to SingleSignON
identity.
The WWW shell should have Operations like these.
Assign Username emailid
AddtoProfileofUserName Does not want to see Webpages related to
Hindi Movie stars
Pradeep Kumar Xplorer Expires May 3, 2017 [Page 4]
Internet-Draft Single SignON to WWW seen as one Giant computer Dec 3, 2016
List SingleSignONUserName AuthenticationPages
(In this case)
List pradeep@explodingmoon.org AuthenticationPages
pradeepan88@hotmail.com
pradeeplugimwidnaus@yahoo.com
facebook.com/pdeep
facebook.com/xplorer.pradeep
www.bluehost.com/Explodingmoon.org
www.explodingmoon.org/b2-evolutionInstallDirectory/pxplorer
www.kasikornbank.com/K-CyberuserId
www.hover.com/UserId
pradeepkumarxplorer@gmail.com
www.cheaptickets.com/UserId
List ProfileSummary pradeep@explodingmoon.org
Interests: Fitness, food, Travel, backpacking, Yoga,
Webhosting, Journals, airtickets, Artificial intelligence,
Health
Replicate USername1 Username2
Merge Username1 Username2 Username3
Merge ProfileSummary1 ProfileSummary2 ProfileSummary3
Pradeep Kumar Xplorer Expires May 24, 2017 [Page 5]
Internet-Draft Single SignON to WWW seen as one Giant computer Dec 3,2016
Load ProfileSummary3 pradeep@explodingmoon.org
(May be a Database engine would help Profile management, creation etc)
The concept of profile is to implement software that allows Information
to fly to Users.
I am adding these. A smartcard device can be used for SingleSignON and it can enforce
additional authentication. I insert a card and the client requests me to put my fingers or
place my eyes for retinal scan. In addition information from services not used ot viewed
can be shown. If i dont login to some domains or servives and the messages in those domains
or services can be shown to remind me they are not looked at for long time.
Also browser can be opened with httpsso:// service to be in this mode.
I also want to propose a Logs file for Webserver available automatically without
use configuration for the privieleged users or owner of the website. So i own
http://www.explodingmoon.org, the weblogs should be available to privileged users
in http://www.explodingmoon.org/Logs and it should show some User Identitiies that
can be clicked on to find out all the emails, contact phone numbers and whatever the
User Identity wants to list. This can be made a HTTP standard so i dont have to install
congigure user tracking.
Added on Apr 8, 2016
I now want to propose that an internet session be abLE to be linked to a phone
number. This automatically happens if i am using an Android with a SIM card.
I should be able to do this from Operating system control panel and the awstats
or webstatistics should show phone numbers as well as IP address.A verification
is probably needed and it could be costly.The authentication id could be used
as the phone number.
Added on Nov 24, 2017
I want to propose a smartcard solution for webemail security. Currently anone with
password can login into most webbased emails. If a phone SIM that can be inserted into
A SMART CARD SLOT THAT CAN BE INSERTED INTO COMPUTER CAN BE USED AS ADDITIONAL AUTHENTICATION.
WHEN I LOGIN INTO PRADEEPAN88@HOTMAIL.COM IT CAN REQUEST FOR SMARTCARD IN ITS SLOT OR
PREVENT LOGIN.
I should be able to purchase a smartcard, insert my phone SIM and configure my details
and the computer operating systems can have a session manager, and i insert the smart card
into the slot in the smart phone or laptop or computer and then i can browse use services.
I can create new accounts without filling in details, use existing accounts without retyping
passwords.
4.Authors' Addresses
Pradeep Kumar Xplorer
EMail: pradeepan88@hotmail.com
URI: http://www.explodingmoon.org
http://www.dhyanayoga.info
5.Acknowledgement
I have been a publisher of http://www.dhyanayoga.info since 2004/2005
and http://www.explodingmoon.org since 2008. I have used bluehost.com
for hosting my website and have found the need to know who views my site,
their email addresses and not just IP address. If i can be shown a
Single SignON identity like a primary email address that when clicked
on expands to other identities that viewers allows to reveal, it would
be useful to me as a publisher.
Pradeep Kumar Xplorer Expires May 3, 2017 [Page 6]
Internet-Draft Single SignON to WWW seen as one Giant computer Dec 3, 2016