W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

RE: Proposal for new HTTP 1.1 authentication scheme

From: Paul Leach <paulle@microsoft.com>
Date: Mon, 8 Dec 1997 22:24:36 -0800
Message-Id: <5CEA8663F24DD111A96100805FFE658720382A@red-msg-51.dns.microsoft.com>
To: Eric_Houston/CAM/Lotus@lotus.com, 'Scott Lawrence' <lawrence@agranat.com>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com 
I think that the spec for "domain" is broken -- it specifies a list of URIs,
but doesn't say that these can be _prefixes_ of URIs that may also use the
same credentials. Without that, it is pretty uselss, IMHO.


> ----------
> From: 	Scott Lawrence[SMTP:lawrence@agranat.com]
> Sent: 	Friday, December 05, 1997 10:53 AM
> To: 	Eric_Houston/CAM/Lotus@lotus.com
> Cc: 	http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
> Subject: 	Re: Proposal for new HTTP 1.1 authentication scheme
> 
> 
> Digest authentication already includes a mechanism (the 'domain'
> attribute; see section 3.2.1 of draft-ietf-http-authentication-00) to
> specify that credentials may be used on multiple servers, and through the
> 'digest' attribute allows for mutual authentication.  
> 
> There is also the model of Kerberos to consider - developing a
> ticket-based authentication scheme (with the advantages and problems of
> any third-party mechanism) would be another area to explore.
>  
>
Received on Tuesday, 9 December 1997 04:08:15 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:04 EDT