[Cosmo-dev] Re: [Ietf-caldav] References in
draft-dusseault-caldav-12
Brian Moseley
bcm at osafoundation.org
Fri Jun 23 11:10:15 PDT 2006
(excerpted from a discussion on the ietf-caldav list)
On 6/23/06, Lisa Dusseault <lisa at osafoundation.org> wrote:
> It looks like our text could still do with some improvement however;
> something along the lines of "Servers MUST NOT offer BASIC over an
> unprotected channel. Clients MUST support TLS in order to provide
> one channel-encryption mechanism that servers can rely on if they
> decide to offer BASIC."
just one more place that osafsrv is defiicient - we allow insecure
communications out of the box :)
More information about the cosmo-dev
mailing list