- From: Greg Stein <gstein@lyra.org>
- Date: Mon, 1 Nov 1999 23:46:35 -0800 (PST)
- To: "Yaron Goland (Exchange)" <yarong@Exchange.Microsoft.com>
- cc: "Richard C." <zhengc@ea.oac.uci.edu>, "'WebDAV'" <w3c-dist-auth@w3.org>
All right... true... the spec is a bit different than I implied. Section 17.1 spells it out. Yes, it must be supported (as opposed to always required), and yes, you can use anything you want... *IF* you use a secure channel. Over plain old HTTP, the spec does state that Basic must not be used. Yes, I'm being picky here, but you were first :-) Cheers, -g On Mon, 1 Nov 1999, Yaron Goland (Exchange) wrote: > The spec says that digest MUST be supported. You can use anything you want, > including nothing. > > > -----Original Message----- > > From: Greg Stein [mailto:gstein@lyra.org] >... > > The WebDAV spec states that Digest authentication must be used. > > > > However, all clients and servers, that I'm aware of, are > > flexible in this > > regard. For example, Apache and mod_dav will allow the use of Basic > > authentication. -- Greg Stein, http://www.lyra.org/
Received on Tuesday, 2 November 1999 02:45:13 UTC