W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2007

Re: RFC2616 vs RFC2617, was: Straw-man charter for http-bis

From: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Mon, 02 Jul 2007 12:22:18 +0100
Message-ID: <4688DFEA.6050005@isode.com>
To: Henrik Nordstrom <henrik@henriknordstrom.net>
CC: Julian Reschke <julian.reschke@gmx.de>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>

Henrik Nordstrom wrote:

>tor 2007-06-07 klockan 18:18 +0200 skrev Julian Reschke:
>  
>
>>BTW: does the framework really require fixing?
>>    
>>
>Not really imho. It's an extensible negotiable framework for message
>based authentication with no dependencies on how such authentication is
>implemented besides it being message based to fit in the message
>structure of HTTP.
>  
>
I don't think that the framework itself is broken. But one thing that 
needs to clarified is that authentication exchange using a new 
authentication mechanism X can use more than 1 roundtrip and use the 
same HTTP header for each authentication step. Many existing 
implementations are designed to expect data from the second round trip 
in another header (like in Digest).
Received on Monday, 2 July 2007 12:39:11 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:15 GMT