W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

RE: Proposal for new HTTP 1.1 authentication scheme

From: Maurizio Codogno <mau@beatles.cselt.it>
Date: Wed, 10 Dec 1997 00:16:22 +0100 (MET)
Message-Id: <199712092316.AAA23116@beatles.cselt.it>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, paulle@microsoft.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/4871

% I talked to Scott Lawrence, and his products implements entity-digest, but
% he said he'd be glad to change if we (MS) implement it that way. (We
% currently have no implementation.) SInce WebDAV seems like it will require
% Digest, and we love WebDAV, there's a good chance we will be implementing
% it.

A not-too-much-correlated thought:

I was wondering why Digest does not use a salt, so that the server needn't
keep the password in clear.

Or is it me who misread the RFC?

ciao, .mau.
Received on Tuesday, 9 December 1997 15:01:08 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:21 UTC