W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1995

Re: potential security holes in digest authorization

From: <hallam@w3.org>
Date: Wed, 26 Jul 95 16:24:06 -0400
Message-Id: <9507262024.AA31520@zorch.w3.org>
To: Dave Kristol <dmk@allegra.att.com>
Cc: hallam@w3.org
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com

>Now Phillip seems to suggest that the realm should be something the
>INTERNIC registers.  I don't understand why.  

If people want realms to be unique then it would be a good thing to
have some mechanism for ensuring that they are. INTERNIC provides a
mechanism for giving people a unique name. I'm not implying that the
realm should be internic addresssable, merely that people should only use
names that they "own".

Or perhaps what I'm really arguing for is that people should only use internic
style names if they own them. I should not set up a realm att.com for example.
but could set up "Edible" as a realm but with a danger of collision.


	Phill
Received on Wednesday, 26 July 1995 13:30:39 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:23 EDT