Re: Proxy authentication

I was considering whether there would be any problems implementing what we
needed with proxy authentication in a future version, if the current 
restrictions are passed. We could authentication the user (agent) to any
proxy in line before a restricted proxy, but not after, because any
restricted proxies would throw out proxy-authenticate and proxy-authorization
headers it didn't understand. While that would work fine for services on
the user side of, say, a firewall, it would not work for services on the
service side of a firewall, which we also support. So passing the current
restrictions would pose problems that we could not overcome in configurations
involving proxies that support them.

Just who should I be engaging with over this? Roy agrees that the restrictions
are wrong :-), and John is willing to follow the lead of HTTP 1.1 (though he
points out some good concerns), and Jim claims he'll make any changes that
folks agree to. 


Received on Tuesday, 23 April 1996 07:48:35 UTC