- From: John Franks <john@math.nwu.edu>
- Date: Wed, 3 Jan 1996 10:16:09 -0600 (CST)
- To: "Eric W. Sink" <eric@rafiki.spyglass.com>
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
On Wed, 3 Jan 1996, Eric W. Sink wrote: > > I'd like to welcome new contributors to the discussion on Digest > authentication, and give you a bit of history behind this proposed > authentication mechanism. > > Digest definitely has holes and limitations. We did not set out to design a > Great authentication scheme. We set out to design a Better authentication > scheme. > I would like to echo the Eric's remarks. Digest authentication in its early versions was called "Simple" authentication. The idea was to replace (as quickly and painlessly as possible) "Basic" authentication which is in widespread use today and involves the network transmission of passwords which are not encoded. It was never our intent to produce what Eric refers to as a "great authentication scheme." The objective was always to replace Basic authentication as quickly as possible. This remains an important objective which could be achieved by HTTP/1.1. John Franks Dept of Math. Northwestern University john@math.nwu.edu
Received on Wednesday, 3 January 1996 08:22:10 UTC