Re: Technical Review of WebAppSec Credential Management API [2/3] (was Re: Overlap with Credentials/Web Payments CG) from Adrian Hope-Bailie on 2015-04-16 (public-credentials@w3.org from April 2015)

From: Adrian Hope-Bailie <adrian@hopebailie.com>
Date: Thu, 16 Apr 2015 14:54:53 +0200
To: Mike West <mkwst@google.com>
Cc: Keiji Takeda <tkeiji@w3.org>, Gregg Kellogg <gregg@greggkellogg.net>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Credentials Community Group <public-credentials@w3.org>, Web Payments IG <public-webpayments-ig@w3.org>
Message-ID: <CA+eFz_Jw6UnL-Nibw1OK4GdiLBAE8pGjXkwBBVTRqUyJ9GFmMQ@mail.gmail.com>

Good idea. I have submitted a comment to that issue.

On 16 April 2015 at 12:36, Mike West <mkwst@google.com> wrote:

> On Thu, Apr 16, 2015 at 10:43 AM, Adrian Hope-Bailie <
> adrian@hopebailie.com> wrote:
>
>> Personally I support the suggestion of having a Credentials class where
>> the type is defined by a property that is a URI as opposed to sub-classing
>> Credential.
>> (The spec may define a type such as PasswordCredential identified by a
>> URI like http://w3c.org/webappsec/credential/#passwordcredential or
>> similar.)
>> Similarly, each FederatedCredential from each provider would be
>> identified by it's own URI.
>> This means there is no need for an "acceptPasswords" option either.
>>
>
> David filed a bug with suggestions at
> https://github.com/w3c/webappsec/issues/256
>
> Why don't we take this focused portion of the thread there to hammer out
> something that we might be happy with going forward?
>
> -mike
>
> --
> Mike West <mkwst@google.com>, @mikewest
>
> Google Germany GmbH, Dienerstrasse 12, 80331 München,
> Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
> Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
> Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>

Received on Thursday, 16 April 2015 12:55:26 UTC