Scenario: Alice, using her browser, wants to access resources on server bob.example, authenticating herself as the owner of server alice.example (or a specific resource on it)
Original answer: use WebID-TLS. But support in the browser has issues, so what are some alternatives?
- Proxy-TLS: Alice talks to her pod, while her pod uses WebID-TLS to talk to bob.example. Her secret key remains on her pod.
- Digital Signatures: Alice signs her request to bob.example using a (non-TLS) private key; bob verifies with public key obtained from alice.example
- Token Confirmation: A secret bearer token passes through all three parties, confirming to bob.example that the client controls alice.example