- From: Graham Klyne <GK@dial.pipex.com>
- Date: Mon, 15 Feb 1999 11:34:16 +0000
- To: <spreitze@parc.xerox.com>
- Cc: Chris Newman <chris@innosoft.com>, Mike Spreitzer <spreitze@parc.xerox.com>, ietf-http-ng@w3.org, discuss@apps.ietf.org
At 08:43 12/02/99 PST, spreitze@parc.xerox.com wrote: >As for the first: how do higher layers ever "know" about authentication done in lower layers? This is an issue of software in the peers, not the protocol, right? What goes on the wire makes it clear (assuming the protocols above and below MEMUX were prepared to be separated at all --- which they would of course be if they're separate protocols); the issue is that an API for using MEMUX must enable authentication to pass through the MEMUX software layer appropriately. As this WG is not about designing the API, I figure that issue is out of scope. > >I think the other two issues are clearly in scope. > I think the first is also in scope, to the extent that your points above be noted as a "security consideration". #g ------------ Graham Klyne (GK@ACM.ORG)
Received on Monday, 15 February 1999 06:34:28 UTC