W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

RE: Proposal for new HTTP 1.1 authentication scheme

From: Yaron Goland <yarong@microsoft.com>
Date: Sun, 28 Dec 1997 18:38:28 -0800
Message-Id: <3FF8121C9B6DD111812100805F31FC0D0E7154@red-msg-59.dns.microsoft.com>
To: "'Eric_Houston/CAM/Lotus@lotus.com'" <Eric_Houston/CAM/Lotus@lotus.com>, jg@pa.dec.com, zurko@opengroup.org
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
I can think of an enormous number of reasons why a useful ACL protocol
couldn't be specified, but then I'm the one adding the adjective "useful."

Anyway, the DAV group is now working on just such a standardization. There
are two drafts out and a firestorm of discussion.

			Yaron

> -----Original Message-----
> From:	Eric_Houston/CAM/Lotus@lotus.com
> [SMTP:Eric_Houston/CAM/Lotus@lotus.com]
> Sent:	Monday, December 15, 1997 6:55 AM
> To:	jg@pa.dec.com; zurko@opengroup.org
> Cc:	http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
> Subject:	Re: Proposal for new HTTP 1.1 authentication scheme
> 
> I don't see why a standard ACL protocol cannot be specified, it would add
> TREMENDOUS value.
> -e
> 
> ---------------------- Forwarded by Eric Houston/CAM/Lotus on 12/15/97
> 09:51 AM ---------------------------
> 
> 
> Mary Ellen Zurko <zurko@opengroup.org> on 12/11/97 08:41:29 AM
> 
> To:   Eric Houston/CAM/Lotus
> cc:   jg@pa.dec.com (Jim Gettys) ,
>       http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, zurko@opengroup.org
> Subject:  Re: Proposal for new HTTP 1.1 authentication scheme
> 
> 
> 
> 
> >  1) When the content server redirects the request to the authentication
> > server, it encrypts the ACL for the protected resource.  The
> authentication
> > server then validates the user against the (decrypted) ACL and returns
> the
> > first matching entry to be cached in the browser.  When the browser is
> > queried for user credentials, the encrypted (authenticated) group
> > affiliations are returned to the content server.
> >
> Since there are no standardized ACLs, I don't think this can be
> addressed in the HTTP spec. Or did I miss the part where ACLs were
> added to HTTP?
>      Mez
> 
> 
> 
Received on Monday, 5 January 1998 09:56:49 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:09 EDT