W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 01 Mar 2012 13:46:49 +1300
To: <ietf-http-wg@w3.org>
Message-ID: <675e023416d23c2e39131a682da35a3b@treenet.co.nz>
On 01.03.2012 13:13, Adrien de Croy wrote:
> NTLM could be made non-connection-oriented if http auth had some sort
> of context attribute that identified the auth conversation (in both
> challenges and responses), instead of having to associate it with the
> connection.

No. That just makes HTTP connection-oriented at the abstract level of 
channels. No change to NTLM.

NTLM would also require dropping the second-stage token exchange 
through the channel its authenticating. Which is effectively Kerberos, 
and also a reason behind Kerberos being preferred for implementation 
instead of NTLM across the WAN.

AYJ
Received on Thursday, 1 March 2012 00:47:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:56 GMT