- From: Peter J Churchyard <pjc@trusted.com>
- Date: Tue, 20 Feb 1996 15:26:09 -0500 (EST)
- To: pjc <pjc@hilo.trusted.com>
- Cc: NED@innosoft.com, rtor@ansa.co.uk, fielding@avron.ICS.UCI.EDU, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
The IMAP4 auth mechanisms are ideal for persistant connections. RFC1731 specifes how KERBEROS_V4, GSSAPI and S/Key may be used. I assume that the S/Key style definition may be extended to cover Digital Pathways SNK devices and Security Dynamics SecurID cards. In http://www.ics.uci.edu/pub/ietf/http/hypermail/1996q1/0083.html http://www.ics.uci.edu/pub/ietf/http/hypermail/1996q1/0101.html I have hinted at mechanisms in which I believe the multi handshakes used by KERBEROS and GSSAPI may be done within the existing http protocols. S/Key is not a good candidate for an automatic per request mechanism because of the usually limited number of auths before you need to re-set. We already provide GSSAPI capable Telnet and FTP proxies. Pete. -- TIS Network Security Products Group voice: 301-527-9500 x123 fax: 301-527-0482 2277 Research Boulevard, 5th Floor, Rockville, MD 20850
Received on Tuesday, 20 February 1996 13:41:08 UTC