Re: [moore@cs.utk.edu: http digest auth + http 1.1?]

Koen Holtman (koen@win.tue.nl)
Mon, 26 Aug 1996 15:16:10 +0200 (MET DST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: John C. Mallery: "Re: ISO-conformant Dates?"
Previous message: Larry Masinter: "[moore@cs.utk.edu: http digest auth + http 1.1?]"
In reply to: Larry Masinter: "[moore@cs.utk.edu: http digest auth + http 1.1?]"
Next in thread: Michael Smith: "Re: [moore@cs.utk.edu: http digest auth + http 1.1?]"

Larry Masinter:
>
>It is my belief that it is the intent of the working group that digest
>authentication be part of HTTP/1.1. 
>
>If you disagree, would you please let me know ASAP?

[...]

>Is it the intention of the working group that the support for the
>digest authentication method should be included as part of http 1.1?
>
>(that is, should compliance with the http 1.1 spec require support for 
>the digest authentication method?)

I feel that digest authentication is a `may support' feature, not a
`must support' feature for HTTP/1.x applications.  I feel that
compliance with 1.1 must _not_ require support for digest
authentication: support for various authentication methods has always
been optional in HTTP.  If support were required, this would greatly
increase the requirements on a minimal 1.1 application, which is a bad
thing.

I have no opinion on whether it is preferable to merge the digest
authentication draft into the main 1.1 draft.  As far as I am
concerned, this decision can be left to the RFC editor.

Koen.

Next message: John C. Mallery: "Re: ISO-conformant Dates?"
Previous message: Larry Masinter: "[moore@cs.utk.edu: http digest auth + http 1.1?]"
In reply to: Larry Masinter: "[moore@cs.utk.edu: http digest auth + http 1.1?]"
Next in thread: Michael Smith: "Re: [moore@cs.utk.edu: http digest auth + http 1.1?]"