- From: Dave Kristol <dmk@research.bell-labs.com>
- Date: Tue, 20 Jan 98 15:59:20 EST
- To: paulle@microsoft.com
- Cc: http-wg@cuckoo.hpl.hp.com
Paul Leach wrote: > > [DMK:] > > So let me hark back to the discussion of a few weeks ago. Let's not > > try to make Digest do something it was not intended to do. Let's > > hold replay-proof Digest for digest-ng discussions. > > > No. > > A replayable Digest is just as bad as Basic. Let me say the same thing differently: A replayable Digest is no worse than Basic. And it has the merit that it eliminates cleartext passwords. That's all we were trying to do. Dave Kristol
Received on Tuesday, 20 January 1998 13:01:45 UTC