- From: Koen Holtman <koen@win.tue.nl>
- Date: Mon, 26 Aug 1996 15:16:10 +0200 (MET DST)
- To: Larry Masinter <masinter@parc.xerox.com>
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Larry Masinter: > >It is my belief that it is the intent of the working group that digest >authentication be part of HTTP/1.1. > >If you disagree, would you please let me know ASAP? [...] >Is it the intention of the working group that the support for the >digest authentication method should be included as part of http 1.1? > >(that is, should compliance with the http 1.1 spec require support for >the digest authentication method?) I feel that digest authentication is a `may support' feature, not a `must support' feature for HTTP/1.x applications. I feel that compliance with 1.1 must _not_ require support for digest authentication: support for various authentication methods has always been optional in HTTP. If support were required, this would greatly increase the requirements on a minimal 1.1 application, which is a bad thing. I have no opinion on whether it is preferable to merge the digest authentication draft into the main 1.1 draft. As far as I am concerned, this decision can be left to the RFC editor. Koen.
Received on Monday, 26 August 1996 06:23:39 UTC