Re: Digest mess

John C. Mallery (jcma@ai.mit.edu)
Wed, 17 Dec 1997 05:03:49 GMT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andy Norman: "Administrivia: http-wg mailing list outage"
Previous message: Randy Turner: "Re: Digest mess"
Maybe in reply to: Roy T. Fielding: "Digest mess"
Next in thread: Scott Lawrence: "Re: Digest mess"
Reply: Scott Lawrence: "Re: Digest mess"
Reply: John Franks: "Re: Digest mess"

Yea, and now Internet Explorer 4.0 has broken their digest implementation
form 3.0. Of course, netscape doesn't do digests.

Of course, digests never authenticated the transaction and return codes,
leaving them vulnerable to man-in-the-middle attacks.

Quite the mess.

A couple of simple fixes and this would be very useful.

What gives?

Next message: Andy Norman: "Administrivia: http-wg mailing list outage"
Previous message: Randy Turner: "Re: Digest mess"
Maybe in reply to: Roy T. Fielding: "Digest mess"
Next in thread: Scott Lawrence: "Re: Digest mess"
Reply: Scott Lawrence: "Re: Digest mess"
Reply: John Franks: "Re: Digest mess"