W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

RE: Digest mess

From: Josh Cohen <joshco@microsoft.com>
Date: Tue, 16 Dec 1997 00:07:57 -0800
Message-Id: <21FD6499922DD111A4F600805FCCD6F2BC3522@red-86-msg.dns.microsoft.com>
To: 'Larry Masinter' <masinter@parc.xerox.com>, "Roy T. Fielding" <fielding@kiwi.ics.uci.edu>
Cc: HTTP Working Group <http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com>
Cant you run SSL on TLS in "null cipher" mode,
where you just do authentication, not encryption ?
I know you can do this with ssl, Im imagining
that you can do it in TLS as well..

Any SSL experts?

> -----Original Message-----
> From:	Larry Masinter [SMTP:masinter@parc.xerox.com]
> Sent:	Tuesday, December 16, 1997 12:04 AM
> To:	Roy T. Fielding
> Cc:	HTTP Working Group
> Subject:	Re: Digest mess
> 
> > The current definition seems to have lost
> > all of the advantages it had over transport-level encryption,
> 
> Except that it doesn't require encryption.
> 
> This is critically important. Don't go off half-cocked.
> 
> Larry
> -- 
> http://www.parc.xerox.com/masinter
Received on Tuesday, 16 December 1997 00:14:55 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:05 EDT