Day 77


Total hours: 186.100

Top three:

1) Authentication Flow

Since I'll be using an identity provider I need some way to tie the 2SSL session to the social provider so that a revocation from social provider will revoke immediately on server side which will then revoke on clients device shortly afterwards.

Furthermore dealing with long term identity verification along with bridging and passing data from browser to desktop or mobile application.

2) Wiki Migration

This was overdue including the knowledge attached. At this point the major issue is that different parts of the protocol were designed with different core ideals in place. Adjusting them after the fact is quite expensive so what I do instead is retrofit the information and capabilities. Tweaking where I must.

This is because information relies on other information

3) Session vs Operator Session

This is complicated in that a device can go thru many different sessions. Think like browser connecting to a site. But the operator (that's you) remains the same and identies the same to the server.

This is what I'm figuring out within the 2SSL context since transport and session are two separate things.

However unlike conventional systems where data is mixed in between the browser and server. Here all the information remains on the server and the 'cookies' (or what map to cookie like things) are never sent to client.

This ensures privacy and indistinquishability of connections.

You'll only receive email when they publish something new.

More from Gaya
All posts