W3C home > Mailing lists > Public > pics-interest@w3.org > April 1999

Re: Publically available PICS Label Bureau for RDF migration testbed?

From: Chris Patterson <chris@maxum.com>
Date: Thu, 08 Apr 1999 16:22:57 -0500
To: Dan Connolly <connolly@w3.org>
CC: pics-interest@w3.org
Message-ID: <1288536860-89527347@maxum.com>
> Chris Patterson wrote:
>> There is no reason some kind of authentication method to identify
>> "registered" users couldn't be used in the PICS HTTP request. It would
>> probably require some kind of public/private key system (Cookies? PGP? SSL?)
>> -- HTTP's "basic" authentication method wouldn't cut it. But whatever method
>> was agreed upon would need to be implemented in the PICS clients.
> Would digest authentication[1] cut it?
> i.e. do you really need public key stuff, or are you
> just trying to avoid passwords-in-the-clear?
> Hmm... your mention of SSL reminds me that confidentiality
> might be important...

Digest authentication seems like it would do the trick, if the PICS label
bureau used "single-use" nonce values to ensure that each and every hit (for
which a charge could be assessed) is properly authenticated. Right?

Chris Patterson                       chris@maxum.com
Maxum Development Corp.          http://www.maxum.com

          "Tao?" "Nah, I prefer to drip-dry."
Received on Thursday, 8 April 1999 17:21:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:43:09 UTC