On Wed, Aug 02, 2000 at 09:34:07AM -0500, James G Smith wrote: > I think I recall some mention that security related issues were > not being dealt with by this group, but then I saw the RFC for > Basic and Digest Access Authentication among this groups RFCs... > > If this has been answered already, then a gentle reminder of > where I need to look will be sufficient :P > > +--- > | > | I would like to propose an extension to the HTTP standard to > include yet another authentication scheme. This would allow for > clients to use a third-party URL (third party being not the > client and not the site requiring authentication) to generate the > authentication credentials. [snip] Isn't the algorithm=MD5-sess in Digest auth sufficient? The A1 is basically your ticket. Or maybe I'm missing something. Cheers, RonaldReceived on Wednesday, 2 August 2000 16:49:55 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:38 EDT