Re: another Digest Access Authentication question

Eric W. Sink (eric@spyglass.com)
Wed, 22 Mar 1995 09:01:40 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Owen Rees: "Re: Digest Access Authentication proposal - "Authorization""
Previous message: Eric W. Sink: "Re: still more Digest Authentication comments"
Maybe in reply to: Dave Kristol: "another Digest Access Authentication question"

>[Has the "Digest" authentication scheme become "KeyedDigest"?]

No, it's "Digest".

>So I don't see the
>problem with unsecured anchors.  The [Keyed]Digest authentication
>successfully required Alice to identify herself, as it was supposed to.

Agreed, Digest Authentication, is just that -- Authentication.  It is not
encryption, and it wasn't intended to be.  If you want to pass sensitive
information, use SHTTP.


--
Eric W. Sink, Senior Software Engineer --  eric@spyglass.com

        http://www.spyglass.com/~eric/home.htm

Next message: Owen Rees: "Re: Digest Access Authentication proposal - "Authorization""
Previous message: Eric W. Sink: "Re: still more Digest Authentication comments"
Maybe in reply to: Dave Kristol: "another Digest Access Authentication question"