- From: Keith Moore <moore@cs.utk.edu>
- Date: Fri, 01 Jun 2007 14:55:44 -0400
- To: Stefan Eissing <stefan.eissing@greenbytes.de>
- CC: Robert Sayre <sayrer@gmail.com>, Mark Nottingham <mnot@mnot.net>, "Roy T. Fielding" <fielding@gbiv.com>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>, Apps Discuss <discuss@apps.ietf.org>
> Taking a step back, what needs attention from the best of minds is > 2617. Let's face it: http authentication is awkward and compared to > the rest of the protocol it feels like a child's toy, sitting in the > glove compartment of a BMW. very much agree. HTTP authentication as it currently exists is nearly useless, and forms-and-cookie authentication (at least as it tends to be implemented) isn't sufficient.
Received on Friday, 1 June 2007 18:56:36 UTC