Re: questions regarding draft-ietf-http-authentication-01

> > 5) For backwards compatibility with rfc-2069 there should be words to
> >    explictly prevent a server from sending "algorithm=MD5-sess" but no
> >    qop attribute. Maybe something like the following (just reusing the
> >    wording from above again):
> I appreciate the intent, but I don't think this helps backward compatibility
> at all. If the client doesn't understand MD5-Sess, then adding "qop" (which
> isn't in 2069 either) won't help.

Hmm, yes, I think I got the logic backwards. Ok, scratch it.



Received on Friday, 27 March 1998 16:41:03 UTC