W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 2001

RE: Resolving Digest authentication issue

From: Dylan Barrell <dbarrell@opentext.com>
Date: Fri, 2 Nov 2001 10:32:29 -0500
To: "Alan Kent" <ajk@mds.rmit.edu.au>, <w3c-dist-auth@w3.org>
Message-ID: <NEBBIBDBCLDPAGPIKGMCEEGJEFAA.dbarrell@opentext.com>
Sounds good to me too...

--Dylan

> -----Original Message-----
> From: w3c-dist-auth-request@w3.org
> [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Alan Kent
> Sent: Thursday, November 01, 2001 9:53 PM
> To: w3c-dist-auth@w3.org
> Subject: Re: Resolving Digest authentication issue
>
>
> On Thu, Nov 01, 2001 at 05:52:37PM -0800, Jim Whitehead wrote:
> > * Basic MUST NOT be used unless the connection is secure.
> Secure is defined
> > to be TLS over the Internet, a physically secure network, or a network
> > behind a well-administered firewall.
> >
> > Client requirements: MUST support Basic, SSL/TLS support is STRONGLY
> > RECOMMENDED
> > Server requirements: SHOULD support Basic, SSL/TLS support is STRONGLY
> > RECOMMENDED
> >
> > * Digest SHOULD be used when the connection is insecure, such
> as a non-TLS
> > connection over the Internet.
> >
> > Client requirements: MUST support Digest
> > Server requirements: SHOULD support Digest, but it is
> acceptable for Digest
> > authentication to be disabled by default. It SHOULD be possible for an
> > administrator to configure a server to use Digest.
> >
> > * Additional authentication schemes beyond Basic and Digest MAY be
> > supported, whether or not described in an IETF specification.
> Implementors
> > should be aware that use of other authentication schemes guarantees some
> > level of non-interoperation of that authentication scheme,
> since all WebDAV
> > clients and servers cannot be expected to support that authentication
> > scheme.
> >
> > * Finally, to guarantee some level of authentication will be possible: a
> > server MUST at minimum support either Basic OR Digest. A server SHOULD
> > support Basic AND Digest.
> ...
> > Comments?
> >
> > - Jim
>
> Sounds good to me.
> Alan
Received on Friday, 2 November 2001 10:33:47 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:58 GMT