W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1996

Re: [moore@cs.utk.edu: http digest auth + http 1.1?]

From: Koen Holtman <koen@win.tue.nl>
Date: Mon, 26 Aug 1996 15:16:10 +0200 (MET DST)
Message-Id: <199608261316.PAA18260@wsooti04.win.tue.nl>
To: Larry Masinter <masinter@parc.xerox.com>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Larry Masinter:
>
>It is my belief that it is the intent of the working group that digest
>authentication be part of HTTP/1.1. 
>
>If you disagree, would you please let me know ASAP?

[...]

>Is it the intention of the working group that the support for the
>digest authentication method should be included as part of http 1.1?
>
>(that is, should compliance with the http 1.1 spec require support for 
>the digest authentication method?)

I feel that digest authentication is a `may support' feature, not a
`must support' feature for HTTP/1.x applications.  I feel that
compliance with 1.1 must _not_ require support for digest
authentication: support for various authentication methods has always
been optional in HTTP.  If support were required, this would greatly
increase the requirements on a minimal 1.1 application, which is a bad
thing.

I have no opinion on whether it is preferable to merge the digest
authentication draft into the main 1.1 draft.  As far as I am
concerned, this decision can be left to the RFC editor.

Koen.
Received on Monday, 26 August 1996 06:23:39 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:08 EDT