- From: Dan Schutzer <dan.schutzer@fstc.org>
- Date: Wed, 24 May 2006 06:53:30 -0400
- To: "'Thomas Roessler'" <tlr@w3.org>, <public-usable-authentication@w3.org>
I think this could form a good base from which to grow stronger mutual authentication, but it would have to be built to be trustworthy. I am curious, what has been the take-up of people, what percentage/number of people actually use these agents today? Is it a large and growing number? If only a small percentage use them, then they are a less attractive candidate. -----Original Message----- From: public-usable-authentication-request@w3.org [mailto:public-usable-authentication-request@w3.org] On Behalf Of Thomas Roessler Sent: Wednesday, May 24, 2006 5:57 AM To: public-usable-authentication@w3.org Subject: Tying "form-filler support" to HTTP authentication What we called "form-filler support" in New York essentially boils down to enabling user agents to reliably recognize form fields that are used to enter credentials. Having additional markup for authentication-related forms (or microformat-like annotations) would serve two main use cases: - User agents can reliably manage passwords (and, possibly, other credentials). - User agents can grab the content of these fields and not submit it through HTTP POST, but use it as credentials for whatever HTTP authentication mechanism is to be used. (Each of these would need slightly different semantics in terms of mark-up.) Additionally (and essentially "for free"), user agents could use this mark-up to trigger whatever additional user interface mechanisms and rituals they might come up with. I'd very much welcome feed-back about this general approach as a scope for one particular direction of further work. PS: I'm in Edinburgh at WWW 2006; if you want to talk about this in person, feel free to drop me a line. Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Wednesday, 24 May 2006 11:00:33 UTC