W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2011

Re: #288: Considering messages in isolation

From: Julian Reschke <julian.reschke@gmx.de>
Date: Thu, 30 Jun 2011 09:17:24 +0200
Message-ID: <4E0C2304.4050502@gmx.de>
To: Mark Nottingham <mnot@mnot.net>
CC: Adrien de Croy <adrien@qbik.com>, httpbis Group <ietf-http-wg@w3.org>
On 2011-06-30 03:02, Mark Nottingham wrote:
>
> On 30/06/2011, at 10:52 AM, Adrien de Croy wrote:
>
>>
>> How does auth fit in with this, esp any challenge-response based authentication or connection-oriented auth.
>
> I think it's well-established that "connection-oriented" authentication is fundamentally incompatible with HTTP, and shouldn't be attempted. Yes, NTLM does it, and that causes *significant* problems in all of the implementations I'm aware of.
> ...

And it's good that we now have spec text we can people point to when the 
question comes up (for instance, when looking at 
draft-ietf-httpbis-authscheme-registrations).

Best regards, Julian
Received on Thursday, 30 June 2011 07:17:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:42 GMT