W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1996

Re: Digest-MessageDigest doesn't work with proxies

From: John Franks <john@math.nwu.edu>
Date: Fri, 1 Mar 1996 14:09:01 -0600 (CST)
To: Paul Leach <paulle@microsoft.com>
Cc: hallam@w3.org, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <Pine.SUN.3.91.960301140546.1014A-100000@hopf.math.nwu.edu>
On Fri, 1 Mar 1996, Paul Leach wrote:

> John said:
> ----------
> ]]
> ] > Are you just talking about D-MD, or Digest Auth for
> ] > Proxy-Authentication and Proxy-Authorization as well?
> ] >
> ]
> ] Digest-MessageDigest has been part of the draft since its very early
> ] versions.  It has limitations. I don't think we are in a position
> ] to either remove it or overcome its limitations.  The new nextnonce
> ] field seems to me to be a useful addition which is is a very modest
> ] change and not likely to lead to any unpleasant surprises.  I also
> ] agree with Paul that there is not much reason to keep the user, nonce
> ] and realm fields.  In the fullness of time we can and will create
> ] stronger ways of dealing with authentication, proxies, headers, etc.
> ]
> ] I propose that the D-MD section of this draft be:
> ]
> [omitted]
> The problem is, this is broken when a proxy is involved.  I don't care 
> if you enhance the section along the lines of my suggestions, but it 
> has to work when proxies are involved, otherwise huge numbers of 
> clients can't use digest auth -- perhaps even the majority of users in 
> the near future.

Are you saying it is broken for end-to-end transactions when the data
passes through proxies?  If so why?  Or is it just that it doesn't 
handle proxy authentication?

John Franks 	Dept of Math. Northwestern University
Received on Friday, 1 March 1996 12:13:41 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:16 UTC