- From: Dylan Barrell <dbarrell@opentext.com>
- Date: Fri, 2 Nov 2001 10:32:29 -0500
- To: "Alan Kent" <ajk@mds.rmit.edu.au>, <w3c-dist-auth@w3.org>
Sounds good to me too...

--Dylan

> -----Original Message-----
> From: w3c-dist-auth-request@w3.org
> [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Alan Kent
> Sent: Thursday, November 01, 2001 9:53 PM
> To: w3c-dist-auth@w3.org
> Subject: Re: Resolving Digest authentication issue
>
>
> On Thu, Nov 01, 2001 at 05:52:37PM -0800, Jim Whitehead wrote:
> > * Basic MUST NOT be used unless the connection is secure. Secure is defined
> > to be TLS over the Internet, a physically secure network, or a network
> > behind a well-administered firewall.
> >
> > Client requirements: MUST support Basic, SSL/TLS support is STRONGLY
> > RECOMMENDED
> > Server requirements: SHOULD support Basic, SSL/TLS support is STRONGLY
> > RECOMMENDED
> >
> > * Digest SHOULD be used when the connection is insecure, such as a non-TLS
> > connection over the Internet.
> >
> > Client requirements: MUST support Digest
> > Server requirements: SHOULD support Digest, but it is acceptable for Digest
> > authentication to be disabled by default. It SHOULD be possible for an
> > administrator to configure a server to use Digest.
> >
> > * Additional authentication schemes beyond Basic and Digest MAY be
> > supported, whether or not described in an IETF specification. Implementors
> > should be aware that use of other authentication schemes guarantees some
> > level of non-interoperation of that authentication scheme, since all WebDAV
> > clients and servers cannot be expected to support that authentication
> > scheme.
> >
> > * Finally, to guarantee some level of authentication will be possible: a
> > server MUST at minimum support either Basic OR Digest. A server SHOULD
> > support Basic AND Digest.
> ...
> > Comments?
> >
> > - Jim
>
> Sounds good to me.
> Alan
Received on Friday, 2 November 2001 10:33:47 UTC
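
The server-side rules in the proposal quoted above, written out as a check, as an added example that is not part of the original thread or of any WebDAV implementation. The function names, the `dav` realm, and the `secure` flag (how a deployment decides a connection is secure) are assumptions made for illustration.

```python
import secrets

BASIC, DIGEST = "Basic", "Digest"

def conformance(enabled):
    """Findings for a server's enabled schemes under the quoted proposal."""
    core = {BASIC, DIGEST}
    have = core & set(enabled)
    if not have:
        return ["MUST: server supports neither Basic nor Digest"]
    return [f"SHOULD: {s} is not enabled" for s in sorted(core - have)]

def challenges(enabled, secure, realm="dav"):
    """WWW-Authenticate values to send with a 401 on this connection.

    `secure` means the connection meets the proposal's definition (TLS, a
    physically secure network, or behind a well-administered firewall).
    How a deployment decides that is outside this example.
    """
    out = []
    if DIGEST in enabled:
        nonce = secrets.token_hex(16)  # fresh per challenge
        out.append(f'Digest realm="{realm}", qop="auth", nonce="{nonce}"')
    if BASIC in enabled and secure:
        out.append(f'Basic realm="{realm}"')
    # An empty list means a Basic-only server on an insecure connection:
    # it meets the "either Basic OR Digest" minimum yet has nothing it may
    # offer here, so the request has to be refused or moved to TLS.
    return out

def scheme_allowed(authorization, enabled, secure):
    """Gate an Authorization header by scheme only (no credential check)."""
    scheme = authorization.split(" ", 1)[0].capitalize()
    if scheme not in (BASIC, DIGEST) or scheme not in enabled:
        return False
    return secure or scheme != BASIC

if __name__ == "__main__":
    for enabled in ({BASIC, DIGEST}, {BASIC}, {DIGEST}):
        for secure in (True, False):
            print(sorted(enabled), "secure" if secure else "insecure",
                  conformance(enabled), challenges(enabled, secure))
```
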