W3C home > Mailing lists > Public > www-tag@w3.org > January 2008

passwordsInTheClear-52 related work: logout ISSUE-52

From: Dan Connolly <connolly@w3.org>
Date: Thu, 17 Jan 2008 11:56:37 -0600
To: www-tag <www-tag@w3.org>
Message-Id: <1200592597.6313.296.camel@pav>

I have an action from our discussion of passwordsInTheClear-52:

Note the old submission about logout button under passwordsInTheClear
ACTION-89
http://www.w3.org/2001/tag/group/track/actions/89



The old submission is:


                    User Agent Authentication Forms
                         W3C Note - 03 Feb 1999

This Version: 
http://www.w3.org/TR/1999/NOTE-authentform-19990203 
Latest Version: 
http://www.w3.org/TR/NOTE-authentform 
Author: 
Scott Lawrence, Agranat Systems,
Inc.
Paul Leach, Microsoft


"HTTP Authentication has the addition problem that there is no mechanism
available to the server to cause the browser to 'logout'; that is, to
discard its stored credentials for the user. This presents a problem for
any web application that may be used from a shared user agent. Requests
for how to force 'logout' appear almost daily in the netnews html and
cgi authoring groups, and are one of the most common support questions
received by Agranat Systems from their customers developing embedded
systems web interfaces.

...

An AUTHFORM may contain INPUT elements with the special types AUTHUSER,
AUTHSECRET, AUTHLOAD, and AUTHUNLOAD ..."

-- 
Dan Connolly, W3C http://www.w3.org/People/Connolly/
gpg D3C2 887B 0F92 6005 C541  0875 0F91 96DE 6E52 C29E
Received on Thursday, 17 January 2008 17:56:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:47:51 GMT