Re: Digest authentication

Dave Kristol (dmk@allegra.att.com)
Thu, 27 Apr 95 10:04:06 EDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mike Cowlishaw: "Opaque"
Previous message: wmperry@spry.com: "Re: Digest authentication"
Maybe in reply to: Mike Cowlishaw: "Digest authentication"

Bill Perry said:
  > Mike Cowlishaw writes:
  > > Good to see it works.  Question: why is the 'opaque' field part of
  > > the WWW-Authenticate: header?  It would seem to be generally useful,
  > > independent of authentication, and therefore perhaps merits a header
  > > of its own:
  > > 
  > >   Opaque: 34e1....3c81
  > 
  >   I wondered that myself.  It would dovetail nicely with either the
  > 'Session-ID' or 'Cookie' proposals.

But you might want a separate Opaque: value for each of Session-ID
and WWW-Authenticate:.  Better to leave them as attributes of a
particular header, IMO.

Dave Kristol

Next message: Mike Cowlishaw: "Opaque"
Previous message: wmperry@spry.com: "Re: Digest authentication"
Maybe in reply to: Mike Cowlishaw: "Digest authentication"