Thomas Broyer | 11 Dec 10:54 2008

Re: Solving the login/logout problem in HTML

[ CC: ietf-http-wg, ietf-http-auth; please follow up to ietf-http-auth only ]
The thread started at

On Wed, Nov 26, 2008 at 12:47 PM, Thomas Broyer wrote:
> On Tue, Nov 25, 2008 at 6:26 AM, Ian Hickson wrote:
>> It seems to me that the first limitation of form authentication could be
>> removed by inventing a new WWW-Authenticate challenge that means "reply to
>> the form in the page". I have now specified such a value in HTML5 (since
>> it is specific to entity bodies that contain HTML forms):
> I came to the same conclusion [...]

On Thu, Nov 27, 2008 at 9:38 PM, Ian Hickson wrote:
> On Thu, 27 Nov 2008, Julian Reschke wrote:
>> The specification of this scheme (which essentially is a no-op to
>> implement for browser vendors and which already works "almost
>> everywhere") could either happen in the W3C or in the IETF. I'm happy to
>> assist in case the latter alternative is chosen.
> I've removed the text from HTML5. If anyone wants to run with this and
> specify it in a separate document, please let me know.
> Thanks everyone for the feedback on this idea. I recommend that interested
> parties get together and come up with a simple RFC for a better solution.

(Continue reading)