- From: Paul Leach <paulle@microsoft.com>
- Date: Mon, 8 Dec 1997 22:24:36 -0800
- To: Eric_Houston/CAM/Lotus@lotus.com, 'Scott Lawrence' <lawrence@agranat.com>
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
I think that the spec for "domain" is broken -- it specifies a list of URIs, but doesn't say that these can be _prefixes_ of URIs that may also use the same credentials. Without that, it is pretty uselss, IMHO. > ---------- > From: Scott Lawrence[SMTP:lawrence@agranat.com] > Sent: Friday, December 05, 1997 10:53 AM > To: Eric_Houston/CAM/Lotus@lotus.com > Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com > Subject: Re: Proposal for new HTTP 1.1 authentication scheme > > > Digest authentication already includes a mechanism (the 'domain' > attribute; see section 3.2.1 of draft-ietf-http-authentication-00) to > specify that credentials may be used on multiple servers, and through the > 'digest' attribute allows for mutual authentication. > > There is also the model of Kerberos to consider - developing a > ticket-based authentication scheme (with the advantages and problems of > any third-party mechanism) would be another area to explore. > >
Received on Tuesday, 9 December 1997 04:08:15 UTC