W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 1998

RE: Some comments on Digest Auth

From: Vinod Valloppillil <vinodv@microsoft.com>
Date: Tue, 20 Jan 1998 15:30:44 -0800
Message-Id: <5CEA8663F24DD111A96100805FFE658701FDE65F@red-msg-51.dns.microsoft.com>
To: 'John Franks' <john@math.nwu.edu>, Paul Leach <paulle@microsoft.com>
Cc: Dave Kristol <dmk@bell-labs.com>, Yaron Goland <yarong@microsoft.com>, http-wg@cuckoo.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/5248 
[re: embedding client IP addr in the nonce]

>If the client chooses the proxy based on URL it will work because the
>URL requested without credentials (which elicits the nonce) will be
>the same as the URL requested with credentials.  If the first request
>without credentials and the second with credentials are from different
>proxies, then you are right it will break.

this will be more common in the field as protocols such as
http://ircache.nlanr.net/Cache/ICP/draft-vinod-carp-v1-02.txt become more
popular....
Received on Wednesday, 21 January 1998 05:38:45 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:04 UTC