[Cosmo-dev] Re: [Ietf-caldav] References in draft-dusseault-caldav-12

Kervin L. Pierre kervin at adevsoft.com
Fri Jun 23 12:01:11 PDT 2006


Hello,

This crossed my mind when the discussion came
up.  I was hoping no one would notice :)

Is this going to change?

This plain-text is very useful for debugging,
and I would imagine troubleshooting in the
future.

I started looking at HTTP DIGEST as this
discussion started, and it doesn't look good.
There seemed to have been a lot of MS/Apache
interop issues in the past.  Hope those have
been cleared up.

But my big issue is that we use MSXML object
as our HTTP stack.  A lot of clients are
going to do this to.  But I haven't found a
way to manipulate the Auth method as yet.
Still looking...

Best regards,
Kervin

Brian Moseley wrote:
> (excerpted from a discussion on the ietf-caldav list)
> 
> On 6/23/06, Lisa Dusseault <lisa at osafoundation.org> wrote:
> 
>> It looks like our text could still do with some improvement however;
>> something along the lines of "Servers MUST NOT offer BASIC over an
>> unprotected channel.  Clients MUST support TLS in order to provide
>> one channel-encryption mechanism that servers can rely on if they
>> decide to offer BASIC."
> 
> just one more place that osafsrv is defiicient - we allow insecure
> communications out of the box :)
> _______________________________________________
> cosmo-dev mailing list
> cosmo-dev at lists.osafoundation.org
> http://lists.osafoundation.org/mailman/listinfo/cosmo-dev
> 


More information about the cosmo-dev mailing list