RE: Some comments on Digest Auth
Dave Kristol (dmk@research.bell-labs.com)
Tue, 20 Jan 98 15:59:20 EST
Paul Leach wrote:
> > [DMK:]
> > So let me hark back to the discussion of a few weeks ago. Let's not
> > try to make Digest do something it was not intended to do. Let's
> > hold replay-proof Digest for digest-ng discussions.
> >
> No.
>
> A replayable Digest is just as bad as Basic.
Let me say the same thing differently: A replayable Digest is no worse
than Basic. And it has the merit that it eliminates cleartext passwords.
That's all we were trying to do.
Dave Kristol
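The trade-off argued in this exchange, as an added example that is not part of the original message or of either author's code: a captured Basic header decodes to the password, while a captured Digest response hides the password but is accepted again if the server lets a nonce be reused. The response formula follows RFC 2069; the sample credentials, the `DigestServer` class and its one-time-nonce policy are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets

def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()

def basic_credentials(user, password):
    # Basic: base64 is an encoding, so a captured header yields the password.
    return base64.b64encode(f"{user}:{password}".encode()).decode()

def digest_response(ha1, method, uri, nonce):
    # RFC 2069 style: MD5(HA1 ":" nonce ":" MD5(method ":" uri))
    return md5_hex(f"{ha1}:{nonce}:{md5_hex(method + ':' + uri)}")

class DigestServer:
    """Hypothetical server; one_time_nonces selects the replay policy."""
    def __init__(self, ha1_by_user, one_time_nonces):
        self.ha1_by_user = ha1_by_user
        self.one_time_nonces = one_time_nonces
        self.live_nonces = set()

    def challenge(self):
        nonce = secrets.token_hex(16)
        self.live_nonces.add(nonce)
        return nonce

    def verify(self, user, method, uri, nonce, response):
        if nonce not in self.live_nonces or user not in self.ha1_by_user:
            return False
        expected = digest_response(self.ha1_by_user[user], method, uri, nonce)
        ok = hmac.compare_digest(expected, response)
        if ok and self.one_time_nonces:
            self.live_nonces.discard(nonce)  # a second use of this nonce fails
        return ok

def compare_schemes():
    user, realm, password = "alice", "docs", "s3cret"  # constructed sample values
    ha1 = md5_hex(f"{user}:{realm}:{password}")
    captured = basic_credentials(user, password)
    out = {"basic_leaks_password":
           base64.b64decode(captured).decode() == f"{user}:{password}"}
    for label, one_time in (("reusable_nonce", False), ("one_time_nonce", True)):
        server = DigestServer({user: ha1}, one_time)
        nonce = server.challenge()
        resp = digest_response(ha1, "GET", "/report", nonce)
        first = server.verify(user, "GET", "/report", nonce, resp)
        replay = server.verify(user, "GET", "/report", nonce, resp)  # same bytes again
        out[label] = (first, replay)
    out["digest_leaks_password"] = password in resp
    return out
```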