- From: Gregory J. Woodhouse <gjw@wnetc.com>
- Date: Thu, 29 May 1997 06:32:17 -0700 (PDT)
- To: Dylan Barrell <dbarrell@opentext.ch>
- cc: "'Fisher Mark'" <FisherM@exch1.indy.tce.com>, "'w3c-dist-auth'" <w3c-dist-auth@w3.org>
The authentication scheme used by HTTP is extensible (in the sense that new schemes besides basic, digest and NTLM can easily be introduced using the same basic framework), and I see no reason why PEP couldn't be used to implemeent the credential type negotiation that you describe. That being the case, I see no reason why we need to break from the existing framework for authentication. In fact, I'm not altogether sure why schemes like digest or NTLM (I know it's proprietary) are too weak for our purposes. After all, isn't our goal to keep people from walking on eachother's files? This relatively modest goal doesn't seem to demand extremeley strong cryptographic methods -- especially since the basic framework makes it possible to upgrade the authentication scheme as required. --- Gregory Woodhouse gjw@wnetc.com / http://www.wnetc.com/home.html If you're going to reinvent the wheel, at least try to come up with a better one.
Received on Thursday, 29 May 1997 09:32:32 UTC