[whatwg] Solving the login/logout problem in HTML
Ian Hickson
ian at hixie.ch
Wed Nov 26 13:42:56 PST 2008
On Wed, 26 Nov 2008, Jonas Sicking wrote:
>
> As I said at the F2F meeting in France, I don't think this is the right
> way to go. I think moving away from passwords and HTML logins are
> absolutely necessary.
I agree.
> There are much better identity based authentication schemes out there.
> Many do have problems, but these problems can be addressed.
Let's address them. I don't know how to do so.
> I'd much rather find a identity based solution that significantly can
> improve the current, really bad, situation regarding authentication.
Well, given Philip`'s description of the security problem, and the
observation that it needs to be changed in a way that decouples it from
HTML, I'll remove the section soon.
If anyone wants to edit it, please, take the text and run with it.
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the whatwg
mailing list