W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1996

Re: APOP - authentication..

From: Roy T. Fielding <fielding@avron.ICS.UCI.EDU>
Date: Tue, 20 Feb 1996 08:25:01 -0800
To: Peter J Churchyard <pjc@trusted.com>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <9602200825.aa09197@paris.ics.uci.edu>
> This document describes a simple authentication scheme for http that uses
> the APOP mechanism as defined in RFC1725 Post Office Protocol - Version 3.

It appears to be a weak subset of the Digest authentication mechanism
already proposed and implemented on many HTTP systems.  I don't see
any reason why APOP can't be mapped into Digest and thus save the client
from having to know more AA schemes than are necessary.


 ...Roy T. Fielding
    Department of Information & Computer Science    (fielding@ics.uci.edu)
    University of California, Irvine, CA 92717-3425    fax:+1(714)824-4056
    http://www.ics.uci.edu/~fielding/
Received on Tuesday, 20 February 1996 08:29:07 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:45 EDT