W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 1999

Re: Mozilla editor and DAV

From: John Stracke <francis@ecal.com>
Date: Wed, 25 Aug 1999 13:17:18 -0400
Message-ID: <37C4251E.C24ADD1E@ecal.com>
To: w3c-dist-auth@w3.org
Stig Bakken wrote:

> As for the secure authentication, that is an issue that has to be dealt
> with for WebDAV (and HTTP in general) anyway.

Yes, but the point is that any acceptably strong authentication system is
going to involve credentials that can't be reused.  (E.g., if I'm running
through a proxy, then the proxy can steal my credentials if I use Basic
authentication, but not if I use Digest.) This is more or less OK if only
your browser has the credentials; but, if you want to do a filesystem, it's
going to need access to all the credentials of all the users who want to use
it.  (For example, with Samba, if I want a filesystem to be mounted at
startup, I have to put the password into the appropriate /etc/rc.d script.)

|John Stracke    | My opinions are my own | S/MIME & HTML OK  |
|Chief Scientist | NT's lack of reliability is only surpassed |
|eCal Corp.      |  by its lack of scalability. -- John Kirch |
Received on Wednesday, 25 August 1999 13:18:39 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:17 UTC