W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2015

Re: Technical Review of WebAppSec Credential Management API [2/3] (was Re: Overlap with Credentials/Web Payments CG)

From: Mike West <mkwst@google.com>
Date: Thu, 16 Apr 2015 12:36:32 +0200
Message-ID: <CAKXHy=eL15T4M6UqxMGxSStbx_Mkgc1wzU+6cSvGq9U7GVxHGw@mail.gmail.com>
To: Adrian Hope-Bailie <adrian@hopebailie.com>
Cc: Keiji Takeda <tkeiji@w3.org>, Gregg Kellogg <gregg@greggkellogg.net>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Credentials Community Group <public-credentials@w3.org>, Web Payments IG <public-webpayments-ig@w3.org>
On Thu, Apr 16, 2015 at 10:43 AM, Adrian Hope-Bailie <adrian@hopebailie.com>
wrote:

> Personally I support the suggestion of having a Credentials class where
> the type is defined by a property that is a URI as opposed to sub-classing
> Credential.
> (The spec may define a type such as PasswordCredential identified by a URI
> like http://w3c.org/webappsec/credential/#passwordcredential or similar.)
> Similarly, each FederatedCredential from each provider would be identified
> by it's own URI.
> This means there is no need for an "acceptPasswords" option either.
>

David filed a bug with suggestions at
https://github.com/w3c/webappsec/issues/256

Why don't we take this focused portion of the thread there to hammer out
something that we might be happy with going forward?

-mike

--
Mike West <mkwst@google.com>, @mikewest

Google Germany GmbH, Dienerstrasse 12, 80331 München,
Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
Received on Thursday, 16 April 2015 10:37:21 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:12 UTC