Re: Auth / APOP / RFC1734 / RFC1731 from Bill Janssen on 1996-02-20 (ietf-http-wg@w3.org from January to March 1996)

From: Bill Janssen <janssen@parc.xerox.com>
Date: Tue, 20 Feb 1996 12:53:30 PST
To: pjc <pjc@hilo.trusted.com>, Peter J Churchyard <pjc@trusted.com>
Cc: NED@innosoft.com, rtor@ansa.co.uk, fielding@avron.ICS.UCI.EDU, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <kl_XH_sB0KGWAxbfwB@holmes.parc.xerox.com>

Excerpts from ext.ietf-http: 20-Feb-96 Auth / APOP / RFC1734 / RFC..
Peter J Churchyard@trust (891*)

> I have hinted at mechanisms in which I believe the multi handshakes used by
> KERBEROS and GSSAPI  may be done within the existing http protocols.

Note that the GSSAPI is a different class of `thing' than Kerberos, and
is indeed very generic; a Web security context establishment
meta-protocol that mentioned only the GSSAPI, and avoided mention of any
specific security mechanism, could support a variety of actual security
protocols.

Bill

Received on Tuesday, 20 February 1996 13:44:30 UTC