- From: Christopher Allen <ChristopherA@consensus.com>
- Date: Wed, 31 Jul 1996 18:22:11 -0700
- To: ietf-tls@w3.org
At 5:46 PM -0700 7/31/96, Don Schmidt wrote: >>>use use FTP's current password methods to authenticate the client. >>>Same can be done with HTTP using it's current auth structure, >>and most every other protocol over SSL. > >is precisely one of the problems that including a standard shared-secret >auth mechanism in TLS is designed to solve. Each one of these protocols >does password auth in an app specific manner. It would greatly simplify >the development, deployment and administration of secured apps if there >is was one system-level protocol and I/F for security. This is a >benefit of TLS for certificate-based auth. When it is within our grasp, >who are we to deny the same benefit to applications or service >providers that have reasons to continue to use shared-secret based auth? But if you are going to do that much engineering to change software to "one system-level protocol", then it should be a small step to using certificates correctly. If legacy is important, they use the application level AUTH commands over SSL. If you are doing something new, use certificates. ------------------------------------------------------------------------ ..Christopher Allen Consensus Development Corporation.. ..<ChristopherA@consensus.com> 1563 Solano Avenue #355.. .. Berkeley, CA 94707-2116.. ..Home of "SSL Plus: o510/559-1500 f510/559-1505.. .. Security Integration Suite(tm)" <http://www.consensus.com/SSLPlus>..
Received on Wednesday, 31 July 1996 21:22:30 UTC