- From: Robert Sayre <sayrer@gmail.com>
- Date: Wed, 13 Jan 2010 08:46:50 -0500
- To: Tim <tim-projects@sentinelchicken.org>
- Cc: ietf-http-wg@w3.org
On Thu, Jan 7, 2010 at 1:24 PM, Tim <tim-projects@sentinelchicken.org> wrote: > > I appologize in advance if this is not an appropriate place to ask > this question. Feel free to ask questions, but this group is not chartered to add features to HTTP authentication schemes. The charter is here: <http://www.ietf.org/dyn/wg/charter/httpbis-charter.html> > I'm doing some research and I'm interested in learning about any past > proposals to augment HTTP authentication (basic/digest) with a logout > feature. That would address one shortcoming of those schemes, but they both have more fundamental problems. See <http://tools.ietf.org/html/draft-ietf-httpbis-security-properties-03#section-2.2> -- Robert Sayre "I would have written a shorter letter, but I did not have the time."
Received on Wednesday, 13 January 2010 13:47:19 UTC