[Cosmo-dev] Re: [Ietf-caldav] References in draft-dusseault-caldav-12

Brian Moseley bcm at osafoundation.org
Fri Jun 23 11:10:15 PDT 2006


(excerpted from a discussion on the ietf-caldav list)

On 6/23/06, Lisa Dusseault <lisa at osafoundation.org> wrote:

> It looks like our text could still do with some improvement however;
> something along the lines of "Servers MUST NOT offer BASIC over an
> unprotected channel.  Clients MUST support TLS in order to provide
> one channel-encryption mechanism that servers can rely on if they
> decide to offer BASIC."

just one more place that osafsrv is defiicient - we allow insecure
communications out of the box :)


More information about the cosmo-dev mailing list