- From: Peter J Churchyard <pjc@trusted.com>
- Date: Wed, 28 Aug 1996 16:31:20 -0400 (EDT)
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
As larry has pointed out, basic for client / server non persistant requests is a poor choice. client - proxy with persistant connection between client and proxy when used with one time password systems ( as we do in our product) allows sites to authenticate strongly which of their users can do WEB stuff. Basic auth as a mechanism can very useful even if it is not what it was intended for. There are no export restrictions for hash algs (MD4,5). crypto can be exported if used for authentication only and cannot be used for data encryption. (you ship binaries only.. no source.) Patent restrictions are a different matter... Pete. -- The TIS Network Security Products Group has moved again! voice: 301-527-9500x111 fax: 301-527-0482 Room 334, 15204 Omega Drive, Rockville, MD 20850
Received on Wednesday, 28 August 1996 13:31:45 UTC