W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2007

Re: RFC2616 vs RFC2617, was: Straw-man charter for http-bis

From: Joe Orton <joe@manyfish.co.uk>
Date: Fri, 8 Jun 2007 11:38:14 +0100
To: Keith Moore <moore@cs.utk.edu>
Cc: Julian Reschke <julian.reschke@gmx.de>, Paul Hoffman <phoffman@imc.org>, Apps Discuss <discuss@apps.ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <20070608103814.GA6204@manyfish.co.uk> 

On Thu, Jun 07, 2007 at 06:11:53PM -0400, Keith Moore wrote:
> Julian Reschke wrote:
> > BTW: does the framework really require fixing?
>
> I am pretty sure that it does.  I think sites will continue to insist on
> being in control of the look and feel of the username/password dialog. 

Fixing that does not require any changes to the HTTP auth framework. Roy 
pointed out a long time ago that this can be done simply by defining an 
extension to HTML which allows an HTML 401/407 response body to contain 
a form which is used to enter credentials.  <form action="authenticate"> 
or something.

(and possibly some method for browsers to advertise support for this)

joe
Received on Friday, 8 June 2007 10:38:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 4 October 2011 12:13:58 GMT