- From: Jim Whitehead <ejw@cse.ucsc.edu>
- Date: Tue, 3 Sep 2002 10:13:13 -0700
- To: "WebDAV" <w3c-dist-auth@w3.org>
- Message-ID: <AMEPKEBLDJJCCDEJHAMIAEPPFFAA.ejw@cse.ucsc.edu>
Accidentally caught by the spam filter. - Jim -----Original Message----- From: Haider Sahir Al-Baghdadi [mailto:hs84@uruklink.net] Sent: Monday, September 02, 2002 5:05 PM To: w3c-dist-auth@w3.org Subject: [Moderator Action] RE: Passwords and WebDAV Hmm, well I can see how this is an important deployment issue. I think the problem of notifying the user that their password has expired would be easier than providing a password modification protocol. It seems to be this problem isn't inherent to authoring -- regular Web access could run into this problem as well. For example, if my subscription to an online magazine, or digital library runs out, I might want to receive a message as well. But, authoring certainly does bring in clients that do not have HTML rendering capability. I think the best way to address this would be for someone to volunteer to write up an Internet Draft describing a new status code, and its meaning, to cover the password expiration, and password refresh cases. I think it should scrupulously avoid functionality that would allow a user to reset their password, unless it involved returning the URL of a Web page that would allow the password to be reset. But, this wouldn't affect existing WebDAV clients fast enough to affect your current situation -- for that, one option is to use email as a notification service, telling users their passwords have expired. - Jim > In my original message I said this may be out of the scope of > WebDAV, but now I think it is critical to WebDAV. We a currently > working on this issue with a large customer. With a normal HTTP > client (one that renders html) it is possible to solve the > expired password problem. However, with WebDAV clients there > currently is no way to solve this problem. This is currently THE > issue that is preventing the adoption of WebDAV for this > customer. If we want to have people use the WebDAV protocol we > have to be willing to solve problems like this one.
Received on Tuesday, 3 September 2002 13:16:16 UTC