On 5/22/06, Nicolas Williams <[EMAIL PROTECTED]> wrote:
As Sam says: the browser must change.
Sure, and I suspect almost all browser vendors are willing to do that, but I think better security is an insufficient motivator for web authors. The requirement for mutual authentication was interesting to me. Groups extending Web formats and APIs[1] often encounter situations where a slightly elevated trust level for certain scripts would be useful. Offering a carrot in the form of an extended JavaScript API for authenticated scripts would probably accelerate deployment of these new efforts. [1] http://www.w3.org/2006/webapi/ -- Robert Sayre _______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
