- From: Mark Nottingham <mnot@mnot.net>
- Date: Fri, 20 Jul 2012 09:52:08 +1000
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Ross Nicoll <jrn@jrn.me.uk>, Phillip Hallam-Baker <hallam@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
PHK - Talking about possible new authentication schemes *is* in our current scope. Thanks, On 20/07/2012, at 12:47 AM, Poul-Henning Kamp wrote: > In message <50081C8B.4010006@jrn.me.uk>, Ross Nicoll writes: > >> I'm guessing the idea would be to write an HTTP authentication protocol >> that uses [...] > > All I can see HTTP doing, is transport opaque tokens forth and back. > > If we design the protocol to do that well enough, it will support > any identification/authentication protocol you care to put on top of > it today or at a later date. > > Adding "solving the second hardest problem in cryptography" to our > TODO list, is scope-creep. > > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. -- Mark Nottingham http://www.mnot.net/
Received on Thursday, 19 July 2012 23:52:36 UTC