Re: [kitten] [saag] HTTP authentication: the next generation from Alexey Melnikov on 2010-12-12 (ietf-http-wg@w3.org from October to December 2010)

From: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Sun, 12 Dec 2010 21:40:49 +0300
To: Yoav Nir <ynir@checkpoint.com>
CC: "apps-discuss@ietf.org" <apps-discuss@ietf.org>, websec <websec@ietf.org>, "kitten@ietf.org" <kitten@ietf.org>, "http-auth@ietf.org" <http-auth@ietf.org>, "saag@ietf.org" <saag@ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <4D051731.1020400@isode.com>

Yoav Nir wrote:

>EAP has one advantage. It is easy to integrate with existing RADIUS/DIAMETER infrastructure.
>
True.
And SASL has an advantage that it is easier to integrate with LDAP 
infrastructure.

I think this just demonstrates that before an HTTP authentication 
mechanism can be evaluated, people need to agree on a common evaluation 
criteria for HTTP authentication.

Received on Sunday, 12 December 2010 18:41:31 UTC