Comment Re:HTTP authentication (Score 2, Interesting) 49
It has been discussed recently on HTML5 WG.
Browsers' UI for HTTP authentication so far is absolutely awful, and there's no standard mechanism for logging out.
Although HTTP Digest authentication does offer slighly better security than cookies, HTTP authentication is helpless against any MITM attacks.
There have been proposals to give HTML forms front-end for HTTP authentication, but they haven't gone anywhere, since there is little to gain (same UI as cookie-based auth, negligible security improvement) and backwards compatibility is poor.