On Friday 08 June 2007 08:10, Stephane Bortzmeyer wrote: > On Thu, Jun 07, 2007 at 06:18:13PM +0200, > Julian Reschke <julian.reschke@gmx.de> wrote > > a message of 14 lines which said: > > In the wild, most authentication isn't using RFC2617 anyway. > > Any data here? IMHO, this assertion is not true, unless you limit to > big e-commerce Web sites. For instance, HTTP-based Web services use > 2617. Also, 2617 is typically the simplest way for a small and rapidly > setup Web site, even if it does not have the visibility of Amazon. Apart from that there is an applications where rfc2617 imho currently is the only widely usable auth scheme: restricted proxies. If you want to have a semi-public proxy that needs auth, anything else but using rfc2617 Proxy-Authentication is a pain. If you do not want plaintext credentials, rfc2617 digest currently remains the only working option (at least for me, but admittedly this doesn't say anything about "widespread-use"). Kind regards Ingo StruckReceived on Friday, 8 June 2007 08:23:16 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 4 October 2011 12:13:58 GMT