Re: security requirements (was: Updating RFC 2617 (HTTP Digest) to use UTF-8)

From: David Morris <dwm@xpasc.com> Date: Sat, 4 Nov 2006 13:12:21 -0800 (PST) cc: <ietf-http-wg@w3.org> Message-ID: <Pine.LNX.4.33.0611041311000.15695-100000@egate.xpasc.com> · This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:38:24 GMT

I just don't envision such a world.

On Sat, 4 Nov 2006, Robert Sayre wrote:

> On 11/4/06, David Morris <dwm@xpasc.com> wrote:
> >
> > But in the end it doesn't matter,
>
> I don't think that's an assumption that can be made, if we are to
> envision a world where people actually use HTTP authentication instead
> of cookies and forms. For instance, servers may wish to redirect
> HTTP/1.1 clients.
>
>