- From: Scott Lawrence <lawrence@agranat.com>
- Date: Wed, 2 Aug 2000 14:13:10 -0400
- To: "Life is hard, and then you die" <ronald@innovation.ch>, James G Smith <JGSmith@tamu.edu>
- Cc: http-wg@cuckoo.hpl.hp.com
> From: ronald@innovation.ch > Isn't the algorithm=MD5-sess in Digest auth sufficient? The A1 is > basically your ticket. Or maybe I'm missing something. No, Digest as currently defined allows the http server to consult a third party authentication server in order to obtain the secret (but does not specify how that should be done). It does not, however, meet the need described here - that the http server be able to instruct the client to first obtain credentials through the third party server. -- Scott Lawrence
Received on Wednesday, 2 August 2000 11:18:39 UTC