- From: John Stracke <francis@ecal.com>
- Date: Wed, 25 Aug 1999 13:17:18 -0400
- To: w3c-dist-auth@w3.org
Stig Bakken wrote: > As for the secure authentication, that is an issue that has to be dealt > with for WebDAV (and HTTP in general) anyway. Yes, but the point is that any acceptably strong authentication system is going to involve credentials that can't be reused. (E.g., if I'm running through a proxy, then the proxy can steal my credentials if I use Basic authentication, but not if I use Digest.) This is more or less OK if only your browser has the credentials; but, if you want to do a filesystem, it's going to need access to all the credentials of all the users who want to use it. (For example, with Samba, if I want a filesystem to be mounted at startup, I have to put the password into the appropriate /etc/rc.d script.) -- /=============================================================\ |John Stracke | My opinions are my own | S/MIME & HTML OK | |francis@ecal.com|============================================| |Chief Scientist | NT's lack of reliability is only surpassed | |eCal Corp. | by its lack of scalability. -- John Kirch | \=============================================================/
Received on Wednesday, 25 August 1999 13:18:39 UTC