Re: CNONCE: proposed resolution

Dave Kristol (dmk@bell-labs.com)
Mon, 03 Aug 1998 17:54:25 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dave Kristol: "Re: CNONCE: proposed resolution"
Previous message: Scott Lawrence: "Re: CNONCE: proposed resolution"
Maybe in reply to: Scott Lawrence: "CNONCE: proposed resolution"
Next in thread: Dave Kristol: "Re: CNONCE: proposed resolution"

Scott Lawrence wrote:
> 
> Paul Leach wrote:
> 
> > I think that absence of cnonce should be illegal if qop=auth or
> > qop=auth-int is selected by the client; if the client really _demands_
> > to be totally braindead, it can send a constant as its cnonce.
> 
> I'm also happy with that solution.

Just what does "illegal" mean?  What should a server do if it gets such
an "illegal" request?

Dave Kristol

Next message: Dave Kristol: "Re: CNONCE: proposed resolution"
Previous message: Scott Lawrence: "Re: CNONCE: proposed resolution"
Maybe in reply to: Scott Lawrence: "CNONCE: proposed resolution"
Next in thread: Dave Kristol: "Re: CNONCE: proposed resolution"