W3C home > Mailing lists > Public > public-usable-authentication@w3.org > July 2006

Re: Draft charters available; please comment.

From: spam filter <spam+w3c@jeff-nelson.com>
Date: Wed, 5 Jul 2006 11:50:59 -0700
Message-ID: <a76292cb0607051150p568d51e4va1d8b553bfdbcae6@mail.gmail.com>
To: "Amir Herzberg" <amir.herzberg@gmail.com>, "Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com>, public-usable-authentication@w3.org

On 7/5/06, spam filter <spam+w3c@jeff-nelson.com> wrote:
> http://www.w3.org/2005/Security/htmlauth-charter
>
>
>
> >     * a W3C Recommendation that describes an annotation mechanism that supports at least HTTP Digest Authentication, and possibly other authentication mechanisms as the working group sees fit
>
> I'm not as familar with these requirements.  It looks like we're
> specifying an annotation of authentication meta-data.


Further, could someone elaborate on these requirements?  For example,
are there any existing products which are exemplary of the annotation
or meta-data we'd standardize through this working group?

For example, if I had to speculate, I think there are QoS issues that
could be specified using an annotation, such as

Site supports personalization
Site supports mutual auth
Site supports ZKPP derived session key
Site lexical password format requirements
Proof of mutual auth
How and where to show personalization proof

Is this the intended direction?

 - Jeff
Received on Wednesday, 5 July 2006 18:51:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:34:14 GMT