- From: Albert Lunde <albert-lunde@nwu.edu>
- Date: Fri, 05 Dec 1997 12:34:48 CST
- To: Eric_Houston/CAM/Lotus@lotus.com
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
> > I was hoping to polish this proposal a little more before floating it > externally, but alas, with the meeting on Monday, time did not permit. I > hope that I have at least stated my perspective well enough to stimulate > discussion. > This sounda a lot like the old expired draft: "Mediated Digest Authentication" http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-mda-00.txt I wonder if you could do this all with one-way keyed hash functions, and avoid the use of SSL, and thus export restrictions. Someone would have to think about possible attacks involving a bogus server.
Received on Friday, 5 December 1997 10:37:24 UTC