W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1996

Auth / APOP / RFC1734 / RFC1731

From: Peter J Churchyard <pjc@trusted.com>
Date: Tue, 20 Feb 1996 15:26:09 -0500 (EST)
Message-Id: <9602202026.AA12779@hilo.trusted.com>
To: pjc <pjc@hilo.trusted.com>
Cc: NED@innosoft.com, rtor@ansa.co.uk, fielding@avron.ICS.UCI.EDU, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
The IMAP4 auth mechanisms are ideal for persistant connections. RFC1731
specifes how KERBEROS_V4, GSSAPI and S/Key may be used. I assume that the
S/Key style definition may be extended to cover Digital Pathways SNK 
devices and Security Dynamics SecurID cards.

In 
http://www.ics.uci.edu/pub/ietf/http/hypermail/1996q1/0083.html
http://www.ics.uci.edu/pub/ietf/http/hypermail/1996q1/0101.html

I have hinted at mechanisms in which I believe the multi handshakes used by
KERBEROS and GSSAPI  may be done within the existing http protocols.

S/Key is not a good candidate for an automatic per request mechanism because of
the usually limited number of auths before you need to re-set.

We already provide GSSAPI capable Telnet and FTP proxies. 

Pete.
-- 
TIS Network Security Products Group
voice: 301-527-9500 x123 fax: 301-527-0482
2277 Research Boulevard, 5th Floor, Rockville, MD 20850
Received on Tuesday, 20 February 1996 13:41:08 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:45 EDT