W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 22 Feb 2012 09:39:33 +0100
Message-ID: <4F44A9C5.8010404@gmx.de>
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, "iesg@ietf.org" <iesg@ietf.org>, IETF-Discussion <ietf@ietf.org>
CC: David Morris <dwm@xpasc.com>
On 2012-02-22 08:04, David Morris wrote:
>
>
> On Tue, 21 Feb 2012, Michael Richardson wrote:
>
>>
>>>>>>> "Barry" == Barry Leiba<barryleiba@computer.org>  writes:
>>      Barry>  OAuth is an authorization framework, not an authentication
>>      Barry>  one.  Please be careful to make the distinction.
>>
>>      Barry>  What we're looking at here is the need for an HTTP
>>      Barry>  authentication system that (for example) doesn't send
>>      Barry>  reusable credentials, is less susceptible to spoofing
>>      Barry>  attacks, and so on.
>>
>> and is implemented in HTTP, not in terms of HTML forms, yet has all the
>> flexibility of the HTML form method?
>
> And includes the ability for the user to logoff / the server reset the
> login?

Is that a protocol problem or a user agent problem?

-- > <http://lists.w3.org/Archives/Public/www-archive/2012Jan/0023.html>

Best regards, Julian
Received on Wednesday, 22 February 2012 08:40:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:56 GMT