Re: Technical Review of WebAppSec Credential Management API [2/3] (was Re: Overlap with Credentials/Web Payments CG)

+1 Adrian


On Thu, Apr 16, 2015 at 8:54 AM, Adrian Hope-Bailie <adrian@hopebailie.com>
wrote:

> Good idea. I have submitted a comment to that issue.
>
> On 16 April 2015 at 12:36, Mike West <mkwst@google.com> wrote:
>
>> On Thu, Apr 16, 2015 at 10:43 AM, Adrian Hope-Bailie <
>> adrian@hopebailie.com> wrote:
>>
>>> Personally I support the suggestion of having a Credentials class where
>>> the type is defined by a property that is a URI as opposed to sub-classing
>>> Credential.
>>> (The spec may define a type such as PasswordCredential identified by a
>>> URI like http://w3c.org/webappsec/credential/#passwordcredential or
>>> similar.)
>>> Similarly, each FederatedCredential from each provider would be
>>> identified by it's own URI.
>>> This means there is no need for an "acceptPasswords" option either.
>>>
>>
>> David filed a bug with suggestions at
>> https://github.com/w3c/webappsec/issues/256
>>
>> Why don't we take this focused portion of the thread there to hammer out
>> something that we might be happy with going forward?
>>
>> -mike
>>
>> --
>> Mike West <mkwst@google.com>, @mikewest
>>
>> Google Germany GmbH, Dienerstrasse 12, 80331 München,
>> Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
>> Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
>> Flores
>> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>>
>
>

Received on Friday, 17 April 2015 00:39:42 UTC