Hi there,
in the past few weeks I've been reminded about the lack for a logout()
from HTTP authentication several times -- I believe first in webapps,
then the IETF http-auth mailing list, then also in an internal product
discussion.
This is a very old issue, a good summary is in the Mozilla bug:
<https://bugzilla.mozilla.org/show_bug.cgi?id=287957>.
I hear that this might be covered by the proposed charter of the new web
cryptography WG,
<http://www.w3.org/2011/11/webcryptography-charter.html>, and I'd love
to find out that it's going to happen over there. If it does not, it
would be good to find out as soon as possible, and then maybe find
another venue in the W3C (webapps?); unless you want the IETF to start
on JS APIs :-)
Best regards, Julian
bcc'd lots of people who I hope are interested...
