This kind of information is not necessarily available to the user agents all the time (may be it can guess if the input fields are labeled as user id/ password but given that there are no standards I wouldn't say it's reliable information). I agree that smart cards (USB, Cac, etc. - pluggable hardware devices) based authentication info might be available to the user agents but I am not sure if there is any value with it, not knowing what it is used for at the web site. - Praveen AlavilliPraveen@aol.com wdoyle@mitre.org wrote: > With the discussion on authentication mechanism I added some text > to the user agent section. Imagine that this will generate some conversation > > > > 7.5 Provided by user agent > > o Robustness of Authentication mechanism(s) used to establish user > identity > > § One Factor (Shared Secret, something you know) > > • ID / Password > > • Personalized access control (e.g. ID/Password with additional > fields customized by user such as graphic and/or text field(s)) > > § Two Factor (something you have / something you are) > > • Smart Cards, tokens (e.g. USB, CaC, RSA SecureID) > > • Biometrics > > > > Bill D. > > wdoyle@mitre.org <mailto:wdoyle@mitre.org> >Received on Tuesday, 13 March 2007 15:22:36 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:46 GMT