| age |
author |
description |
| 8 months |
Thomas Broyer |
Added preliminary info on hotel wifi; will add some more later (left them at work)default tip |
| 10 months |
Thomas Broyer |
Added form-username-field-name and form-password-field-name parameters in the ABNF and placeholders for their definition, as well as a placeholder section for the new 308 status code. |
| 10 months |
Thomas Broyer |
Updated UA compat with Firefox 3.5.3, Safari 4.0.3, Chrome 3.0.195.21 (stable) and Opera 10.00 |
| 14 months |
Thomas Broyer |
Prepare addition of new 3xx status code |
| 14 months |
Thomas Broyer |
Tested Safari 4 beta and my wife's Samsung Player Style |
| 14 months |
Thomas Broyer |
Re-tested in current browsers (now passes in Opera 10.00 beta 1) |
| 18 months |
Thomas Broyer |
Added some new tests for cases when a redirect is needed (e.g. single sign-on) |
| 18 months |
Thomas Broyer |
Rewritten the abstract and introduction, as per feedback on the -00 draft |
| 18 months |
Thomas Broyer |
Added cross-domain SSO 'proof of concept' example |
| 18 months |
Thomas Broyer |
Added a 'Status code (bad credentials)' column (yet to be filled), added Facebook |
| 18 months |
Thomas Broyer |
Added a 'Cookie name hardwired?' column, added JA-SIG CAS, GMail and Google Accounts |
| 18 months |
Thomas Broyer |
Added page summarizing current practice |
| 18 months |
Thomas Broyer |
Added a small python script to serve the asis files really 'as is', i.e. not folding two WWW-Authenticate into a single header, as does Apache mod_asis |
| 18 months |
Thomas Broyer |
Put tests under version control (will also give access to their source) |
| 18 months |
Thomas Broyer |
Added ua-compat.html page with results of UA testings |
| 19 months |
Thomas Broyer |
Added acknowledgements (missing in -00 draft) and updated the repo URL from broyer.info/hg to hg.ltgt.net |
| 19 months |
Thomas Broyer |
Tagging the -00 draft |
| 19 months |
Thomas Broyer |
Renamed to -01 and renamed the file to be version-agnosticdraft-00 |
| 19 months |
Thomas Broyer |
Renamed to just Cookie-based HTTP Authentication and use trust200811 IPR, as required since Dec. 16 |
| 19 months |
Thomas Broyer |
Taken into account most of Julian Reschke feedback |
| 19 months |
Thomas Broyer |
First in a serie of tweaks/rewording/reorganisation of the Security Considerations section |
| 19 months |
Thomas Broyer |
Reformatting the Security Considerations section |
| 19 months |
Thomas Broyer |
Removed the TODO about "cascading authentication challenges". |
| 19 months |
Thomas Broyer |
Removed the <dfn/> as I doubt I'll actually use it |
| 19 months |
Thomas Broyer |
Added missing RFC2617 reference |
| 19 months |
Thomas Broyer |
Describe the overall authentication process, taking HTML forms as an example |
| 19 months |
Thomas Broyer |
Switched examples to Set-Cookie2 response header, and tweaked the authentication parameters' definitions |
| 19 months |
Thomas Broyer |
s/insecure/unsecured/ + added a note about secure-cookie-name and sensitive information |
| 19 months |
Thomas Broyer |
Removed RFC2109 reference |
| 19 months |
Thomas Broyer |
Now using entity references for RFC2119 words |
| 19 months |
Thomas Broyer |
Updated email address |
| 19 months |
Thomas Broyer |
Added some notes about security |
| 19 months |
Thomas Broyer |
Added the 'simple example', where everything goes through TLS |
| 19 months |
Thomas Broyer |
Added placeholders for additional examples |
| 19 months |
Thomas Broyer |
Updated the example to no longer use test-cookie-name and added steps using secure-cookie-name |
| 19 months |
Thomas Broyer |
Removed test-cookie-name as it's not realy useful when not using a redirection (which is the point of this spec); added secure-cookie-name for applications using a mix of secured and unsecured communications. |
| 19 months |
Thomas Broyer |
Human-readable reference for W3C.NOTE-authentform-19990203 |
| 19 months |
Thomas Broyer |
First draft of the introduction |
| 19 months |
Thomas Broyer |
Added notes for the Security Considerations section |
| 19 months |
Thomas Broyer |
Removed the 'how an UA has to manage those cookies' part, as frequently changing the cookie value could be use for increased security. |
| 19 months |
Thomas Broyer |
IANA Considerations section |
| 19 months |
Thomas Broyer |
Added RFC 2109 and 2965 as normative references |
| 19 months |
Thomas Broyer |
Added W3C.NOTE-authentform-19990203 informative reference. |
| 19 months |
Thomas Broyer |
Grrr, seems like my previous commit created a 0-byte file :-( |
| 19 months |
Thomas Broyer |
First shot, merely a copy/paste of my mail to ietf-http-auth with added RFC2629 markup. |
