Version 2, changed by andyo. 07/01/2005.
Discuss Ch4Part3 here
On an immediate, rather naive level, single sign-on is more versatile than cookies, but it performs some of the same goals. Cookies are limited to one domain (a concept I think can be illustrated by an example; you can't reuse a jot.com cookie on aol.com). Single sign-on is not. Furthermore, single sign-on standards provide more standard ways to transmit additional information about a person, although in theory one can store anything one wants in a cookie. Digital certificates are used in the implementation of single sign-on.
Single sign-on should be presented in this chapter, but with the realization that its deployment is complicated by many factors and shows no sign of becoming common. There are too many things that all sides have to agree on and standardize before single sign-on in any particular case becomes usable.
Andy Oram