W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1998

Re: Digest auth and domain, again

From: David W. Morris <dwm@xpasc.com>
Date: Fri, 1 May 1998 12:56:07 -0700 (PDT)
To: Daniel Hellerstein <danielh@mailbox.econ.ag.gov>
Cc: http-wg@cuckoo.hpl.hp.com, http-wg@hplb.hpl.hp.com
Message-Id: <Pine.GSO.3.96.980501125230.25945B-100000@shell1.aimnet.com>


On Fri, 1 May 1998, Daniel Hellerstein wrote:

> Given that most clients are likely to  associate the realm information with
> a "prefix", I'm wondering if  it's worth the trouble to
> (as a general rule) send the domain information (my current plans
> are not to bother).

As far as I know there are no general client implementations so it would
seem unwise to assume what they would do and instead provide the protocol
element which gives more power.  With basic, the client which wants to
optimize must make assumptions AND has no way to avoid prompting a user
for multiple servers.  Clients seem to assume that all URLs in the
directory for which authentication was requested and below share the
same credentials.  Thus, there is currently no way other than an
additional round trip for the client to learn that the real world is
broader or narrower than the current heuristic.

Dave
Received on Friday, 1 May 1998 13:03:40 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:18 EDT