W3C home > Mailing lists > Public > ietf-tls@w3.org > October to December 1996

Re: Shared Key Authentication record type

From: Tom Weinstein <tomw@netscape.com>
Date: Tue, 15 Oct 1996 15:01:22 -0700
Message-ID: <326409B2.ABD@netscape.com>
To: Jeff Williams <jwkckid1@ix.netcom.com>
CC: ietf-tls@w3.org
Jeff Williams wrote:
>> No, you've misunderstood me.  I was referring to the particular
>> protocol, such as telnet or HTTP that you wished to add password
>> authentication to.  I still believe that this sort of mechanism does
>> not belong in TLS.
>   In your opinion, what would be the problem adding extension for
> Telnet or HTTP for password authentication?  I would think it is
> a logical inclusion.  I am confused here?  Help me out, ok?

My point was that if you already have to add a more secure password
mechanism to these other protocols because they will be used without
TLS, then it's redundant to add such a mechanism to TLS.

You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      | tomw@netscape.com
Received on Tuesday, 15 October 1996 18:00:31 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:17:12 UTC