- From: John Franks <john@math.nwu.edu>
- Date: Fri, 1 Mar 1996 14:09:01 -0600 (CST)
- To: Paul Leach <paulle@microsoft.com>
- Cc: hallam@w3.org, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
On Fri, 1 Mar 1996, Paul Leach wrote: > John said: > ---------- > ]] > ] > Are you just talking about D-MD, or Digest Auth for > ] > Proxy-Authentication and Proxy-Authorization as well? > ] > > ] > ] Digest-MessageDigest has been part of the draft since its very early > ] versions. It has limitations. I don't think we are in a position > ] to either remove it or overcome its limitations. The new nextnonce > ] field seems to me to be a useful addition which is is a very modest > ] change and not likely to lead to any unpleasant surprises. I also > ] agree with Paul that there is not much reason to keep the user, nonce > ] and realm fields. In the fullness of time we can and will create > ] stronger ways of dealing with authentication, proxies, headers, etc. > ] > ] I propose that the D-MD section of this draft be: > ] > [omitted] > > The problem is, this is broken when a proxy is involved. I don't care > if you enhance the section along the lines of my suggestions, but it > has to work when proxies are involved, otherwise huge numbers of > clients can't use digest auth -- perhaps even the majority of users in > the near future. > Are you saying it is broken for end-to-end transactions when the data passes through proxies? If so why? Or is it just that it doesn't handle proxy authentication? John Franks Dept of Math. Northwestern University john@math.nwu.edu
Received on Friday, 1 March 1996 12:13:41 UTC