- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Fri, 30 Jan 2004 11:30:54 +0100
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
Dave Kristol wrote: > If I understand this article correctly, it sounds like MS IE will remove > support for Basic Authentication. While we all agree that cleartext > passwords are evil, this sounds to me like it will create a major > compatibility problem at sites that use Basic. And note that it covers > Basic over SSL, too, where the passwords would *not* be cleartext. Looking at <http://support.microsoft.com/default.aspx?scid=kb;[LN];834489>, it seems that they do not discontinue Basic Auth, they just disallow embedding credentials in URLs. That's something different. Julian -- <green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760
Received on Friday, 30 January 2004 05:32:59 UTC