![(please configure the [header_logo] section in trac.ini)](https://www.ietf.org/images/ietflogotrans.gif)
Changes between Version 4 and Version 5 of Ticket #510
- Timestamp:
- 30/10/13 13:42:27 (9 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #510 – Description
v4 v5 79 79 ---- 80 80 81 The Security Considerations section (6) is about one page in length. It81 ~~The Security Considerations section (6) is about one page in length. It 82 82 references the SC sections in two in I-Ds: 83 83 draft-ietf-httpbis-p1-messaging-24 and … … 86 86 section until those documents are finalized. They are both normative 87 87 references, so this doc will nor progress independently, but there will 88 still be a need to revisit this SC when those SCs are finalized. 88 still be a need to revisit this SC when those SCs are finalized.~~ 89 89 90 The SC section here addresses only two issues: purging credentials in90 ~~The SC section here addresses only two issues: purging credentials in 91 91 clients and user agents, and protection spaces. The discussion of the 92 92 former topic does not discuss how credential purging applies to proxies. … … 94 94 have the desired effect given a potentially complex GUI environment. The 95 95 discussion of protection spaces provides useful suggestions on how to 96 minimize credential exposure. 96 minimize credential exposure.~~ 97 97 98 I was a bit surprised that there was no advice deprecating the use of99 passwords as credentials, if only to make a statement on this topic. 98 ~~I was a bit surprised that there was no advice deprecating the use of 99 passwords as credentials, if only to make a statement on this topic.~~ - see http://lists.w3.org/Archives/Public/ietf-http-wg/2013OctDec/0412.html
