W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 1997

RE: Access Control: What's On The Wire

From: Gregory J. Woodhouse <gjw@wnetc.com>
Date: Thu, 29 May 1997 06:32:17 -0700 (PDT)
To: Dylan Barrell <dbarrell@opentext.ch>
cc: "'Fisher Mark'" <FisherM@exch1.indy.tce.com>, "'w3c-dist-auth'" <w3c-dist-auth@w3.org>
Message-ID: <Pine.BSF.3.96.970529062310.10930A-100000@shell3.ba.best.com>
The authentication scheme used by HTTP is extensible (in the sense that
new schemes besides basic, digest and NTLM can easily be introduced using
the same basic framework), and I see no reason why PEP couldn't be used to
implemeent the credential type negotiation that you describe. That being
the case, I see no reason why we need to break from the existing
framework for authentication. In fact, I'm not altogether sure why schemes
like digest or NTLM (I know it's proprietary) are too weak for our
purposes. After all, isn't our goal to keep people from walking on
eachother's files? This relatively modest goal doesn't seem to demand
extremeley strong cryptographic  methods -- especially since the basic
framework makes it possible to upgrade the authentication scheme as
required.

---
Gregory Woodhouse
gjw@wnetc.com    /    http://www.wnetc.com/home.html
If you're going to reinvent the wheel, at least try to come
up with a better one.
Received on Thursday, 29 May 1997 09:32:32 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:42 GMT