W3C home > Mailing lists > Public > public-identity@w3.org > November 2011

Re: Web Cryptography Working Group scoping progressing...

From: Henry Story <henry.story@bblfish.net>
Date: Fri, 4 Nov 2011 10:23:06 +0100
Cc: public-identity@w3.org, Harry Halpin <hhalpin@w3.org>
Message-Id: <A4E73965-774C-40EA-ADAB-A09E06B10609@bblfish.net>
To: Brian Smith <bsmith@mozilla.com>

On 4 Nov 2011, at 00:37, Brian Smith wrote:

> Henry Story wrote:
>> "API access to control of SSL/TLS logout, "
>> +1 on that one. Thanks for adding it.
> Actually, I disagree that this is the proper place for this to be standardized, since there are also non-TLS scenerios where no crypto is used but where a logout mechanism is needed (e.g. for HTTP basic auth).

Logout in TLS can be done already in Firefox and IE, with the following JavaScript

function logout(elem) {
   if (document.all == null) {
      if (window.crypto) {
              return false; //firefox ok -- no need to follow the link
          } catch (err) {//Safari, Opera, Chrome -- try with tis session breaking
      } else { //also try with session breaking
   } else { // MSIE 6+
      return false;
   return true


I suggest that the group take it on, and either specify it or help find the group that will specify it so that it can work on all browsers.

> I would prefer for the working group to focus on the crypto API.
> - Brian

Social Web Architect
Received on Friday, 4 November 2011 09:23:37 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:00:47 UTC