session management draft 28

Issue #1011 resolved
Tom Jones created an issue

section 3 "iframe in the browser client" this is the only place that "browser client", since "user agent" is defined above and used throughout wouldn't that be a better term?

section 4 "highly desirable to be able to find out the login status" strike the word "out"

Section 4.1 and 4.2 "invisible iframe" these seem scary, has any threat modeling been performed on this doc? I see section 8, but is seems pretty skimpy

Comments (3)

  1. Log in to comment