- From: <hallam@ai.mit.edu>
- Date: Mon, 26 Aug 96 13:50:13 -0400
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
- Cc: hallam@ai.mit.edu
>Larry Masinter: >> >>It is my belief that it is the intent of the working group that digest >>authentication be part of HTTP/1.1. >> >>If you disagree, would you please let me know ASAP? This was what it was originally proposed as. The original idea was that DIGEST would be the preferred method and that BASIC be *VERY* strongly depreciated. That is why so much effort was made into making a scheme that was 100% plug compatible with BASIC. If the idea was to produce the best possible digest authentication scheme we would have made a very different proposal. About the only use for BASIC at present is in conjunction with SSL where it might possibly be preferable to DIGEST but not by much. I like Dave Kristol's proposal that suport for BASIC in 1.1 implies support for DIGEST. My understanding was that we were hoping to have DIGEST docked and that only the adminstrivia issues would argue to not dock. If the IESG are willing for docking to take place and any such moves can be coordinated between the RFC edditor and the HTTP editor then fair enough. Phill
Received on Monday, 26 August 1996 10:48:27 UTC