>>>>> "Barry" == Barry Leiba <barryleiba@xxxxxxxxxxxx> writes:
Barry> OAuth is an authorization framework, not an authentication
Barry> one. Please be careful to make the distinction.
Barry> What we're looking at here is the need for an HTTP
Barry> authentication system that (for example) doesn't send
Barry> reusable credentials, is less susceptible to spoofing
Barry> attacks, and so on.
and is implemented in HTTP, not in terms of HTML forms, yet has all the
flexibility of the HTML form method?
Or is that still out of scope?
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@xxxxxxxxxxxxxxxxxxxxxx http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
then sign the petition.
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf