Network working group Pradeep Kumar Xplorer Internet-Draft Intended status: Standards Track Individual Expires: Oct 8, 2016 April 8, 2016 Single SignON solution to WWW seen as one Giant computer draft-pkx-wwwogc-05 Abstract The document describes a SingleSignON solution to WWW seen as one Giant computer. As WWW use increases, on average an user has many service login accounts they have to manage. It would be better for most users at the expense of some security risk to have one password for all the services and a WWW shell and a control panel. Also the WWW as an intelligent being could show information to an user interpreting their needs from all their accounts. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on Jun 20, 2015. Pradeep Kumar Xplorer Expires Oct 8, 2016 [Page 1] Internet-Draft Single SignON to WWW seen as one Giant Computer Apr 8, 2016 Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction ............................................... 2 2. Background ..................................................2 3. General Information of the service ..........................2 4. Authors Addresses ...........................................5 5. Acknowledgements ............................................5 1. Introduction To implement a Single SIgnON solution to WWW seen as one Giant computer that would help navigate and use the WWW more easily, making passwords more manageable and WWW navigation more intuitive. THis is a precursor to futuristic project of Information as a bird that flies to the users. 2. Background CUrrently as a user i have multiple WWW services, i have a hosting account explodingmoon.org and email as pradeep@explodingmoon.org and email service from hotmail.com, and yahoo.com and i have a kasikorn K-cyber bank account, i have an account with cheaptickets.com that i have not used and i can retrieve and reactivate the password, i have two accounts with facebook. All accounts are used by me by using different usernames/userids and passwords. There might be several other services that i have registered and tried and never used and i do not remember any of these. If i can just authenticate with WWW and access all these serives seamlessly without typing in a password, that would lead to a better User experience and would be more time efficient. 3. General Information of the service I want to propose a WWW service that allows a WWW navigator to access all his authenticated services by logging just once. I want to propose a Valid registered email address as Single SignON key, or a WWW navigators primary email as WWW Single SignON Id. So lets say it is pradeep@explodingmoon.org. Pradeep Kumar Xplorer Expires Oct 8, 2016 [Page 2] Internet-Draft Single SignOn to WWW seen as one Giant computer Apr 8, 2016 I want to propose concept of authentication ID. The authentication ID for an email service is just the email ID. But there could be many different levels of authentication needed to be authorized to perform operations in the WWW, or your desktop. I have a hosting account and access to a control panel in my hosting service, thats a username and password to an application of the hosting service. Or it could be an application that I installed in my domain, like a blogging software. I can propose a domainname and domainname/Filename/ where the application is installed. But authentication ID can be numerous depending on the Operating systems and kinds of software.So in my case now , I want to see my email pradeep@explodingmoon.org as my primary email id and my SingleSignON Id. I have a hosting account in bluehost.com, and a control panel user and password, I have an additional secondary email @explodingmoon.org pradeepkumarxplorer@explodingmoon.org. I have email services in hotmail.com, pradeepan88@hotmail.com, a b2evolution blogging software loaded in http://www.explodingmoon.org/FCSP with a username pradeepkumarxplorer and a password. Right now theres no way for an Information publisher to know who is accesing his or hers website other than their IP addresses. This has been a problem for me as a publisher. I wanted to be able to configure my website and say only authenticated users can view my information. So if a user Helena@athens.net accesses my information site, right now I would see an IP address used in Athens Internet Service providers. I should be able to see the SingleSignON Id of Helena@athens.net using a visitor tracking software. And by making a query to a WHois database or some other Application level tool I should get more info about Helena@Athens.net. I should be able to allow or disallow a user to my website at the HTTP daemon level. So I propose two classes of WWW navigators, Authenticated and anonymous. I can configure my website to allow anonymous users as well. The browser is a common internet application and most users use some publicly available services for email, or services of banks, eshops, travel planning etc. Public meaning the domainames are advertised and can be obtained as part of Information retrieval searches, Wellsfargo.com, cheaptickets.com etc.. A User should be able to either browse anonymously or as an authenticated user. When a User browse anonymously he or she should be restricted to see some contents in the WWW. The WWW should be seen as one Giant Computer. The desktop that you see on Your device should be known as the WWW desktop. A browser should have a Userid and Password field or user can proceed to browse anonymously. When i log into a computer, i should be able to invoke an Action to Authenticate to WWW Desktop. Pradeep Kumar Xplorer Expires Oct 8, 2016 [Page 3] Internet-Draft Single SignON to WWW seen as one Giant computer Apr 8,2016 The URL field should have next to it a UserName textfield and a Password TextField. There should be toggle button which shows who the browser user is, an Authenticated user or an anonymous user. The Desktop and the browser can be configured to accept the Desktops Sessions Username and Password as the WWW Desktops Username and password!. If you are registering for first time, you create a Unique WWW User id that would somehow linked to an external authentication. Lets say i am able to register to the WWW as Pradeep. My WWW id is Pradeep@Desktop.WWW If Pradeep@Desktop.WWW never logs into internet again for two years, how would you locate Pradeep@Desktop.WWW . So in the registration there should be something that links Pradeep@Desktop.WWW to a Non internet realm. Pradeep's travel document or finger print id or retinal scan or that Pradeep carries an Unique Obsidian from California. So the User can browse as anonymous or as an Authenticated User with other attributes. In this design it is only Anonymous and Authenticated. The Single SignON eliminates the need to login multiple times. Lets say I have chosen pradeep@explodingmoon.org as my primary email id or SingleSignON id. Registering for pradeepan88@hotmail.com and pradeep@yahoo.com Would be easy and just need one button click. I am adding these concepts WWW shell I propose a WWW shell, where I can do many operations related to SingleSignON identity. The WWW shell should have Operations like these. Assign Username emailid AddtoProfileofUserName Does not want to see Webpages related to Hindi Movie stars Pradeep Kumar Xplorer Expires Oct 8, 2016 [Page 4] Internet-Draft Single SignON to WWW seen as one Giant computer Apr 8, 2016 List SingleSignONUserName AuthenticationPages (In this case) List pradeep@explodingmoon.org AuthenticationPages pradeepan88@hotmail.com pradeeplugimwidnaus@yahoo.com facebook.com/pdeep facebook.com/xplorer.pradeep www.bluehost.com/Explodingmoon.org www.explodingmoon.org/b2-evolutionInstallDirectory/pxplorer www.kasikornbank.com/K-CyberuserId www.hover.com/UserId pradeepkumarxplorer@gmail.com www.cheaptickets.com/UserId List ProfileSummary pradeep@explodingmoon.org Interests: Fitness, food, Travel, backpacking, Yoga, Webhosting, Journals, airtickets, Artificial intelligence, Health Replicate USername1 Username2 Merge Username1 Username2 Username3 Merge ProfileSummary1 ProfileSummary2 ProfileSummary3 Pradeep Kumar Xplorer Expires Oct 8, 2016 [Page 5] Internet-Draft Single SignON to WWW seen as one Giant computer Apr 8,2016 Load ProfileSummary3 pradeep@explodingmoon.org (May be a Database engine would help Profile management, creation etc) The concept of profile is to implement software that allows Information to fly to Users. I am adding these. A smartcard device can be used for SingleSignON and it can enforce additional authentication. I insert a card and the client requests me to put my fingers or place my eyes for retinal scan. In addition information from services not used ot viewed can be shown. If i dont login to some domains or servives and the messages in those domains or services can be shown to remind me they are not looked at for long time. Also browser can be opened with httpsso:// service to be in this mode. I also want to propose a Logs file for Webserver available automatically without use configuration for the privieleged users or owner of the website. So i own http://www.explodingmoon.org, the weblogs should be available to privileged users in http://www.explodingmoon.org/Logs and it should show some User Identitiies that can be clicked on to find out all the emails, contact phone numbers and whatever the User Identity wants to list. This can be made a HTTP standard so i dont have to install congigure user tracking. Added on Apr 8, 2016 I now want to propose that an internet session be abel to be linked to a phone number. This automatically happens if i am using an Android with a SIM card. I should be able to do this from Operating system control panel and the awstats or webstatistics should show phone numbers as well as IP address.A verification is probably needed and it could be costly.The authentication id could be used as the phone number. 4.Authors' Addresses Pradeep Kumar Xplorer EMail: pradeepan88@hotmail.com URI: http://www.explodingmoon.org http://www.dhyanayoga.info 5.Acknowledgement I have been a publisher of http://www.dhyanayoga.info since 2004/2005 and http://www.explodingmoon.org since 2008. I have used bluehost.com for hosting my website and have found the need to know who views my site, their email addresses and not just IP address. If i can be shown a Single SignON identity like a primary email address that when clicked on expands to other identities that viewers allows to reveal, it would be useful to me as a publisher. Pradeep Kumar Xplorer Expires Oct 8, 2016 [Page 6] Internet-Draft Single SignON to WWW seen as one Giant computer Apr 8, 2016