W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1996

Non editorial comments...

From: Peter J Churchyard <pjc@trusted.com>
Date: Tue, 28 May 1996 14:31:44 -0400 (EDT)
To: http-wg@cuckoo.hpl.hp.com
Message-Id: <9605281831.AA13449@hilo.trusted.com>
With a persistant connection, BASIC auth can and is being used with
challenge response and one time tokens to provide strong authentication.
This is being used with persistant proxy connections to auth the client
to the proxy.

I have seen the problem with clients and servers starting to support 
persistant connections and the use of proxies (http-gw from the firewall
toolkit) that don't understand this. We recently have provided a patch to 
remove various headers to fix this..

Pete.
-- 
The TIS Network Security Products Group has moved!
voice: 301-527-9500 x123 fax: 301-527-0482
2277 Research Boulevard, 5th Floor, Rockville, MD 20850
Received on Tuesday, 28 May 1996 14:31:44 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:00 EDT