Re: Proposal for new HTTP 1.1 authentication scheme

Scott Lawrence (lawrence@agranat.com)
Fri, 5 Dec 1997 13:53:46 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: John Franks: "Re: Proposal for new HTTP 1.1 authentication scheme"
Previous message: Albert Lunde: "Re: Proposal for new HTTP 1.1 authentication scheme"
In reply to: Eric_Houston/CAM/Lotus@lotus.com: "Proposal for new HTTP 1.1 authentication scheme"
Next in thread: John Franks: "Re: Proposal for new HTTP 1.1 authentication scheme"
Reply: John Franks: "Re: Proposal for new HTTP 1.1 authentication scheme"

Digest authentication already includes a mechanism (the 'domain'
attribute; see section 3.2.1 of draft-ietf-http-authentication-00) to
specify that credentials may be used on multiple servers, and through the
'digest' attribute allows for mutual authentication.  

There is also the model of Kerberos to consider - developing a
ticket-based authentication scheme (with the advantages and problems of
any third-party mechanism) would be another area to explore.

Next message: John Franks: "Re: Proposal for new HTTP 1.1 authentication scheme"
Previous message: Albert Lunde: "Re: Proposal for new HTTP 1.1 authentication scheme"
In reply to: Eric_Houston/CAM/Lotus@lotus.com: "Proposal for new HTTP 1.1 authentication scheme"
Next in thread: John Franks: "Re: Proposal for new HTTP 1.1 authentication scheme"
Reply: John Franks: "Re: Proposal for new HTTP 1.1 authentication scheme"