- From: Josh Cohen <joshco@microsoft.com>
- Date: Mon, 2 Feb 1998 17:01:44 -0800
- To: "'ietf-http-ext@w3.org'" <ietf-http-ext@w3.org>
-> -----Original Message----- -> From: Scott Lawrence [mailto:lawrence@agranat.com] -> Sent: Monday, February 02, 1998 4:06 PM -> To: Josh Cohen -> Subject: Re: Reauthentication Requested Revisited -> -> -> -> JC> This provides a general mechanism for a "retry request" -> from the server -> JC> to the client along with a way to acknowledge receipt of -> the retry -> JC> request. -> -> Which may or may not be a good thing, but is, I think, -> orthogonal to -> the question of invalidating cached user credentials. -> Technically yes. However to make the 'reauth request' actually work and be useable, both are necessary from a system view. 1) the server needs a way to send a message to the client saying please revalidate your credentials with the user 2) the server needs a way to detect that the client has or is at least claiming to knowingly complete the task (revalidate the credentials) So, I guess Im lumping two things together in a sense. I see the second part as an infrastructure item needed by the first to make it useable. (else how would you know if the client actually revalidated?) -> Scott Lawrence EmWeb Embedded Server -> <lawrence@agranat.com> -> Agranat Systems, Inc. Engineering -> http://www.agranat.com/ ->
Received on Monday, 2 February 1998 20:02:14 UTC