[whatwg] Solving the login/logout problem in HTML
julian.reschke at gmx.de
Tue Nov 25 13:52:29 PST 2008
Ian Hickson wrote:
>> People are trained to configure credentials as value pairs (name,
>> password). Anything more complex than that will be tricky to deploy in
>> generic frameworks.
> Nothing requires servers to do anything but username/password.
> I don't really understand what you are asking here. Presumably in a system
> where only username/password credentials are desired, only username/
> password credentials will be used.
I was hoping that the authentication scheme you're defining can be used
without parsing the HTML response.
A simple way to achieve it would be to restrict it to username/password
pairs, and to have the names of these form parameters live in the
response headers as well.
>> OK, so how do you tell a mount command that your credentials are more
>> complex than username/password?
> How do you tell a mount command that your credentials are a certificate?
If your credentials are a cert, why would you use form-base logon? (I
admit I'm not an expert on these issue, so please by patient with me).
More information about the whatwg