Dear Sirs,

Is it required that user agents have a mechanism for expiring or forgetting
the passwords that are used to access HTTP servers?  IE: a "logout" button
for HTTP built-in authentication.

I imagine that this is the sort of requirement that HTTP people think that
this should be in the HTML group - and vice-versa.

However it is an embarrassing oversight in modern browsers.

                                - Erik

Received on Tuesday, 2 January 2001 10:39:06 UTC