Hi Ian, thanks a lot for this proposal which seems to go into the right direction.
I didn't yet have time to look into this in detail, but it currently seems to require the UA to still parse the HTML page. Wouldn't it be better of the *headers* of the response (such as WW-Authenticate, Link, ...) would contain sufficient information to perform the login without having to do that; such as a URI to POST to, plus the parameter names for user name and password?
BR, Julian
