Re: Netscape vs. Digest (?)

Michael Smith wrote:
> 
> Daniel DuBois <dan@spyglass.com> wrote:
> 
> >"SHOULD" is clearly not going to get Netscape to support Digest.
> > The only thing that we can *hope*
> >will get Netscape to support Digest is the threat of slapping "HTTP/1.1
> >uncompliant" on them publicly and hope it shames them into supporting it.
> >
> 
> Is it true that Netscape opposes Digest? Why? Is there anybody from Netscape
> on the list who can comment on this? Failing that, is there anybody not from
> Netscape who's willing to offer a hypothesis?

We had been adding support for digest auth back in 1.1 but
then some folks decided to keep changing the spec so we
dropped the feature.

At this point there isn't any good reason to add such a weak
authorization scheme when certificates are available already.

Why would you ever want to use digest if you already have
certificate support?

:lou
-- 
Lou Montulli                 http://www.netscape.com/people/montulli/
       Netscape Communications Corp.

Received on Tuesday, 27 August 1996 13:25:00 UTC