- From: Paul Leach <paulle@microsoft.com>
- Date: Tue, 20 Feb 96 11:20:20 PST
- To: fielding@avron.ICS.UCI.EDU, pjc@trusted.com
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Roy said, commenting on Peter's mail: ] > ] > Various digest proposals have been proposed as weak subsets of SHTTP.. ] > APOP is an existing standard. ... ] ] for transfer of mail, yes. So? You still have to translate the APOP ] authentication to an HTTP syntax. All I am saying is that you might as ] well translate it into the Digest syntax, since there is zero chance ] of it being implemented in HTTP clients otherwise. I'm waiting on the revised Digest I-D before forming an opinion on this one. We don't implement what was in the old version of the I-D on Digest, and so we wouldn't have a problem choosing either. If there are lots of people implementing the old version, then we'd be swayed by the difficulty of their changing, all other things being equal (like degree of simplicity and level of security). But the ability to reuse mechanism between our POP3 server and HTTP server (even after translating to HTTP syntactical form) would be attractive. Paul
Received on Tuesday, 20 February 1996 13:29:10 UTC