- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Sat, 30 May 2015 11:40:44 +0900
- To: Brad Hill <hillbrad@gmail.com>
- Cc: Adrian Hope-Bailie <adrian@hopebailie.com>, Manu Sporny <msporny@digitalbazaar.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Sat, May 30, 2015 at 8:57 AM, Brad Hill <hillbrad@gmail.com> wrote: > The scope of what we are chartered to do in WebAppSec is to work on security > and usability affordances for common systems already deployed, not to invent > new protocols. The FederatedCredential object is a new protocol of sorts though. I think I somewhat agree with Adrian that this does not go far enough in making federated login a part of the platform. It's not flushed out enough and fairly experimental whereas we have plenty of experience with password-based credentials (at least declarative, and making it easier for people to do that <form>-less seems worthwhile). -- https://annevankesteren.nl/
Received on Saturday, 30 May 2015 02:41:09 UTC