Re: removing keygen from HTML

From: Nathan Rixham <nathan@webr3.org>
Date: Wed, 1 Jun 2016 10:30:39 +0100
Message-ID: <CANiy74ybuk8+zVYJGxd-XPaxbJN-H46m3OTJ_de3fvY7BYxwmQ@mail.gmail.com>
To: Chaals McCathie Nevile <chaals@yandex-team.ru>
Cc: "www-tag@w3.org" <www-tag@w3.org>

How to do auth on web?

Honest and serious question.

WWW-Authenticate and Authorization provide basic (lol) and digest (mitm),
so can't use them.

Alternative? Public key authentication (usually implemented with an HTTPS /
SSL client certificate) ... sounds good.

How to request, provide, or manage/select a client certificate with
browser? nothing specified or implemented, maybe use keygen to request?
(deprecated in live browsers), maybe provide a certificate with
application/x-x509-user-cert (deprecated in live browsers), manage/select?
(nothing specified)

keygen is specified and was implemented terribly, but where's the
alternative?

How to do auth on web? A question I certainly can't answer, can anybody
here?

On Mon, May 30, 2016 at 10:40 AM, Chaals McCathie Nevile <
chaals@yandex-team.ru> wrote:

> Hi folks,
>
> there is an open issue [1] and open call for consensus [2] to remove
> keygen from HTML. Since the TAG, or its members, appear to have opinions
> about our spec, we'd be grateful to hear them.
>
> cheers
>
> Chaals
>
> [1] https://github.com/w3c/html/issues/43
> [2] http://www.w3.org/mid/op.yhs220oos7agh9@widsith.local
>
> --
> Charles McCathie Nevile - web standards - CTO Office, Yandex
>  chaals@yandex-team.ru - - - Find more at http://yandex.com
>
>
Received on Wednesday, 1 June 2016 09:31:08 UTC