W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1995

Re: Digest authentication

From: Dave Kristol <dmk@allegra.att.com>
Date: Thu, 27 Apr 95 10:04:06 EDT
Message-Id: <9504271402.AA20595@hplb.hpl.hp.com>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, wmperry@spry.com
Bill Perry said:
  > Mike Cowlishaw writes:
  > > Good to see it works.  Question: why is the 'opaque' field part of
  > > the WWW-Authenticate: header?  It would seem to be generally useful,
  > > independent of authentication, and therefore perhaps merits a header
  > > of its own:
  > > 
  > >   Opaque: 34e1....3c81
  > 
  >   I wondered that myself.  It would dovetail nicely with either the
  > 'Session-ID' or 'Cookie' proposals.

But you might want a separate Opaque: value for each of Session-ID
and WWW-Authenticate:.  Better to leave them as attributes of a
particular header, IMO.

Dave Kristol
Received on Thursday, 27 April 1995 07:10:37 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:15 EDT