Re: [saag] [websec] Fwd: [http-auth] re-call for IETF http-auth BoF from Marc Williams on 2011-06-21 (public-identity@w3.org from June 2011)

From: Marc Williams <netsequent@gmail.com>
Date: Tue, 21 Jun 2011 15:39:54 -0400
To: Thomas Roessler <tlr@w3.org>
Cc: "KIHARA, Boku" <bkihara.l@gmail.com>, "public-identity@w3.org" <public-identity@w3.org>, "http-auth@ietf.org" <http-auth@ietf.org>, "websec@ietf.org" <websec@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Message-Id: <08A16114-A59F-4EA7-906B-E1273C6A0100@gmail.com>

>> * a method that hands over a password (or a password-equivalent)
>> * a method whose UI can be imitated by malicious sites.
>> 
>> Of course there might be more items, please append.




A method which pemits zero length password authentication


Marc Williams

Received on Tuesday, 21 June 2011 22:45:14 UTC