When it comes to secure authentication, the web
is in a much worse shape than email. But that's
not due to email; it is the web that habitually
ignores all the advances that are used everywhere
else! Since the web is important, we want to extend
HTTP with SASL, the general framework that works so
well for almost all the other protocols.