Ian Hickson wrote:
...
I don't understand why it makes a difference what the form is like. It
should apply whatever credentials it has been given -- whatever those
might be, username/password, certificate, fake addressa and phone number,
whatever, and submit the form. Just like a user.
...
If the form is more complex than two fields (identity/secret), then I
don't see how authentication is going to work except by displaying the
form -- just extracting the field names certainly wouldn't be
sufficient, even if they would be reasonable self-describing.
So, in the current form, this proposal only helps in marking the
server's response as *being* a login form, but not really in making it
more usable for a non-HTML client...
BR, Julian
