- From: Robert Sayre <rsayre@mozilla.com>
- Date: Mon, 18 Jun 2007 01:14:09 +0000
- To: ietf-http-wg@w3.org
> > > Since when do IETF specify client implementation besides what impacts > > the wire protocols? > > > Traditionally we try to not constrain client design more than necessary, > but that doesn't mean we strictly limit ourselves to defining what > happens on the wire. As several people have mentioned, the extension point we should be looking at is the body of the 401 response. All web browsers display this content when they don't understand the scheme given in the WWW-Authenticate header. That makes it possible to extend HTML with form elements specific to secure credentials. That is a wire protocol. The meaning and requirements of those elements can probably be made clear without venturing very far into client design. - Rob
Received on Monday, 18 June 2007 07:50:32 UTC