W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

Re: Proposal for new HTTP 1.1 authentication scheme

From: Scott Lawrence <lawrence@agranat.com>
Date: Fri, 5 Dec 1997 13:53:46 -0500 (EST)
To: Eric_Houston/CAM/Lotus@lotus.com
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <Pine.LNX.3.96.971205134941.11791F-100000@alice.agranat.com>

Digest authentication already includes a mechanism (the 'domain'
attribute; see section 3.2.1 of draft-ietf-http-authentication-00) to
specify that credentials may be used on multiple servers, and through the
'digest' attribute allows for mutual authentication.  

There is also the model of Kerberos to consider - developing a
ticket-based authentication scheme (with the advantages and problems of
any third-party mechanism) would be another area to explore.
 
Received on Friday, 5 December 1997 11:08:45 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:04 EDT