[Cosmo-dev] Re: [Ietf-caldav] References
in draft-dusseault-caldav-12
Kervin L. Pierre
kervin at adevsoft.com
Fri Jun 23 12:01:11 PDT 2006
Hello,
This crossed my mind when the discussion came
up. I was hoping no one would notice :)
Is this going to change?
This plain-text is very useful for debugging,
and I would imagine troubleshooting in the
future.
I started looking at HTTP DIGEST as this
discussion started, and it doesn't look good.
There seemed to have been a lot of MS/Apache
interop issues in the past. Hope those have
been cleared up.
But my big issue is that we use MSXML object
as our HTTP stack. A lot of clients are
going to do this to. But I haven't found a
way to manipulate the Auth method as yet.
Still looking...
Best regards,
Kervin
Brian Moseley wrote:
> (excerpted from a discussion on the ietf-caldav list)
>
> On 6/23/06, Lisa Dusseault <lisa at osafoundation.org> wrote:
>
>> It looks like our text could still do with some improvement however;
>> something along the lines of "Servers MUST NOT offer BASIC over an
>> unprotected channel. Clients MUST support TLS in order to provide
>> one channel-encryption mechanism that servers can rely on if they
>> decide to offer BASIC."
>
> just one more place that osafsrv is defiicient - we allow insecure
> communications out of the box :)
> _______________________________________________
> cosmo-dev mailing list
> cosmo-dev at lists.osafoundation.org
> http://lists.osafoundation.org/mailman/listinfo/cosmo-dev
>
More information about the cosmo-dev
mailing list