- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Thu, 27 Nov 2008 12:06:14 +0100
Martin Atkins wrote: > ... > I may be forgetting missing some use-cases here (I don't recall what > exactly motivated this custom auth scheme) but there may still be value > in a cut-down version of this scheme: > > ... > I concede that once you generalize it in this way it becomes even less > relevant to the HTML spec than it was to begin with, though I'm not sure > where else to propose such a thing, and in practice as long as websites > are primarily HTML login forms presumably will be as well. > ... Indeed. The specification of this scheme (which essentially is a no-op to implement for browser vendors and which already works "almost everywhere") could either happen in the W3C or in the IETF. I'm happy to assist in case the latter alternative is chosen. Best regards, Julian PS: And, as Robert S. stated, HTML5 should specify that the response body should be displayed when the auth scheme is unknown.
Received on Thursday, 27 November 2008 03:06:14 UTC