> > I was hoping to polish this proposal a little more before floating it > externally, but alas, with the meeting on Monday, time did not permit. I > hope that I have at least stated my perspective well enough to stimulate > discussion. > This sounda a lot like the old expired draft: "Mediated Digest Authentication" http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-mda-00.txt I wonder if you could do this all with one-way keyed hash functions, and avoid the use of SSL, and thus export restrictions. Someone would have to think about possible attacks involving a bogus server.Received on Friday, 5 December 1997 10:37:24 EST
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:04 EDT