Wed Oct 27 04:40:07 UTC 2010 pix@kepibu.org * Update for nicer html export diff -rN -u old-httpauth/notes.org new-httpauth/notes.org --- old-httpauth/notes.org 2013-07-08 12:21:56.000000000 +0000 +++ new-httpauth/notes.org 2013-07-08 12:21:56.000000000 +0000 @@ -1,5 +1,5 @@ -* Site-Controlled HTTP Authentication UI -** Motivation +#+TITLE: Site-Controlled HTTP Authentication UI +* Motivation HTTP Authentication is significantly less fundamentally broken than cookie-based authentication. And, while I've been meaning to write this up for years, the recent release of [[http://codebutler.com/firesheep][Firesheep]] has brought the issue to the fore once again. @@ -14,8 +14,8 @@ This is my proposal to make HTTP Authentication website-controlled, while remaining backwards compatible with form-based authentication in browsers which do not support the proposal. -** Proposal -*** HTML Forms +* Proposal +** HTML Forms Login forms need add only a single class to their