W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

From: David Morris <dwm@xpasc.com>
Date: Tue, 21 Feb 2012 23:04:45 -0800 (PST)
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
cc: "iesg@ietf.org" <iesg@ietf.org>, IETF-Discussion <ietf@ietf.org>
Message-ID: <Pine.LNX.4.64.1202212302010.17875@egate.xpasc.com>

On Tue, 21 Feb 2012, Michael Richardson wrote:

> >>>>> "Barry" == Barry Leiba <barryleiba@computer.org> writes:
>     Barry> OAuth is an authorization framework, not an authentication
>     Barry> one.  Please be careful to make the distinction.
>     Barry> What we're looking at here is the need for an HTTP
>     Barry> authentication system that (for example) doesn't send
>     Barry> reusable credentials, is less susceptible to spoofing
>     Barry> attacks, and so on.
> and is implemented in HTTP, not in terms of HTML forms, yet has all the 
> flexibility of the HTML form method?

And includes the ability for the user to logoff / the server reset the 
Received on Wednesday, 22 February 2012 07:05:15 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:00 UTC