W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 2005

HTTP authentication

From: Lisa Dusseault <lisa@osafoundation.org>
Date: Thu, 29 Sep 2005 13:07:54 -0700
Message-Id: <195278d1b8b711283f6c7fdb93107e40@osafoundation.org>
Cc: RL 'Bob' Morgan <rlmorgan@washington.edu>, Scott Lawrence <scott@skrb.org>, Cyrus Daboo <daboo@isamet.com>, Paul B.Hill <pbh@MIT.EDU>, Mike Shaver <shaver@mozilla.org>, Alexey Melnikov <alexey.melnikov@isode.com>, Sam Hartman <hartmans@mit.edu>
To: HTTP working group <ietf-http-wg@w3.org>, CalDAV DevList <ietf-caldav@osafoundation.org>, WebDav WG <w3c-dist-auth@w3.org>


Talking with various potential CalDAV deployers lately, there's a 
perceived need for better HTTP authentication mechanisms: ones which 
can deal with federated identity and single sign-on.  I've also heard 
people respond "what's the problem? Put an authentication proxy in the 
proxy path" or suggest HTTP-SASL or a number of other possible 
solutions to possible problems.

So, we probably need first to discuss whether there is a problem, and 
if so, what to do about it.  There's been a suggestion to hold a BOF in 
Vancouver (if it's not too late to plan one) to see who the interested 
parties are and start defining (or defining away) the problem.  Another 
idea is to hold a workshop at some point after we've identified the 
interested parties.

Anyway, I've started a separate discussion list for this topic-- I 
didn't want to spam the general HTTP list or make people who weren't 
interested in general HTTP issues (but only in authentication for 
CalDAV/WebDAV) join that list.  Please join and chime in any time about 
what you perceive the problem or lack of problem to be or leap straight 
to what ought to be done.

http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http-auth

Lisa
Received on Thursday, 29 September 2005 20:08:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:09 GMT