- From: Mike Meyer <mwm@contessa.phone.net>
- Date: Tue, 18 Jul 95 09:51:30 PST
- To: www-talk@w3.org
> >******* II. The business-card authentication scheme > > > >I propose a new http authentication scheme; let's call it > >"business-card". Its purpose is to facilitate access control policies > >similar to "I'll show you my information if you'll leave your business > >card in the bowl." This does nothing to insure that the information is correct. However, it's a nice idea, and beats the alternative of a "registration" page that people can put the same lies on. > What about the millions of installed browsers which don't have the business > card authentication scheme built in? Some browsers [Enhanced Mosaic plug] > might have plug-in security modules, but they're the exception. Presumably, such a scheme would have use an extension header, ala the Digest authentication method. Presumably, it would look like: Extension: Security/Card Servers that have plug-in and chainable modules [aws plug] could then either use the Security/Card method if the extension line was in the headers, or hand back the "registration" page if there was no extension line. <mike
Received on Tuesday, 18 July 1995 12:58:15 UTC