W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2008

wildcards in digest auth domain field

From: Tim Olsen <tim@brooklynpenguin.com>
Date: Thu, 14 Feb 2008 13:27:08 -0500
To: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <20080214132708.2a0750a4@neurofunk.limewire.com>


In my current project, I have come across the problem of making digest
authentication work across an arbitrary number of subdomains.  RFC
2617 specifies a domain directive where I can specify a number of
domains.  It does not, however, allow me to specify a wildcard domain.
Others have also indicated the need for wildcard domains [1, 2].

I'd like to propose allowing wildcard domains in digest
authentication's domain directive.  It can be done in a similar manner
to what's currently allowed as subjectAltNames in TLS certificates [3,
4, 5].  For example, *.example.com matches a.example.com and
b.example.com, but does not match example.com or a.b.example.com

Would it be possible to get this into httpbis?  Thoughts?


[1] http://www.artima.com/weblogs/viewpost.jsp?thread=155252
[2] http://blog.ianbicking.org/apache-the-application-server.html
[3] RFC 2595 Section 2.4
[4] RFC 2818 Section 3.1
[5] RFC 4513 Section
Received on Thursday, 14 February 2008 18:27:27 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:44 UTC