W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1996

RE: New draft for Digest Authentication

From: Paul Leach <paulle@microsoft.com>
Date: Mon, 26 Feb 96 11:28:16 PST
To: john@math.nwu.edu
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: red-16-msg960226192426MTP[01.52.00]000000b1-113951
In the security considerations section, it should explain why
having the Client IP address in the nonce is stronger than
just checking the IP address over which the request arrived
against the IP address over which the nonce was originally
obtained.

Paul
Received on Monday, 26 February 1996 11:30:02 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:46 EDT