W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1997

Re: Digest Authentication, Netscape, and Microsoft

From: David W. Morris <dwm@xpasc.com>
Date: Tue, 15 Apr 1997 14:26:13 -0700 (PDT)
To: "nemo/Joel N. Weber II" <devnull@gnu.ai.mit.edu>
Cc: http-wg@cuckoo.hpl.hp.com
Message-Id: <Pine.SOL.3.95.970415141704.10219B-100000@shell1.aimnet.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/3051

On Mon, 14 Apr 1997, nemo/Joel N. Weber II wrote:

> However, much as the basic authentication scheme has problems, doesn't
> SSL solve all those problems?

Except that SSL is rather heavy weight performance wise and hence may be
overkill where the real objective is reasonably reliable identification of
a user w/o compromising their password data.

And frankly, hearing your security philosophy raises concerns about hidden
virus being added to complex software many many folks use from the GNU
project. But that is clearly offtopic for this list.

Dave Morris
Received on Tuesday, 15 April 1997 14:35:16 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:19 UTC