Re: Coming back to CREDENTIAL. from Mike West on 2015-09-02 (public-webappsec@w3.org from September 2015)

From: Mike West <mkwst@google.com>
Date: Wed, 2 Sep 2015 20:15:16 +0200
To: Dave Longley <dlongley@digitalbazaar.com>
Cc: Adrian Hope-Bailie <adrian@hopebailie.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAKXHy=cOuP-CA7SeNSjse1bcNg=g8h1pR9-n-r5mRbyG20x25Q@mail.gmail.com>

On Wed, Sep 2, 2015 at 4:27 PM, Dave Longley <dlongley@digitalbazaar.com>
wrote:
>
> I agree with that goal. I was only speaking to the situation where
> others may push for the API to be limited to passwords
> (and to defer the extensibility features for a later date).
> If that's where it ends up, then I think the "credentials" terminology
> should not be used and terminology like "passwordManager" should be
> instead. Again, that's not my preference, however, as I'd like to see a
> common, extensible, credential API created.
>

Right now you and Adrian are the only ones I see pushing back on things
outside the password functionality, so I'm happy to hear that you're not
concerned about the scope, just the implementation. :) Do you more or less
agree with the direction that discussion's going (that is, with the
suggestion at the bottom of
https://lists.w3.org/Archives/Public/public-webappsec/2015Sep/0011.html)?

-mike

Received on Wednesday, 2 September 2015 18:16:05 UTC