[Cosmo-dev] Re: [Ietf-caldav] References in draft-dusseault-caldav-12

Brian Moseley bcm at osafoundation.org
Fri Jun 23 14:06:23 PDT 2006


On 6/23/06, Kervin L. Pierre <kervin at adevsoft.com> wrote:
> Hello,
>
> This crossed my mind when the discussion came
> up.  I was hoping no one would notice :)
>
> Is this going to change?

i've been waiting for somebody to bring up the issue before thinking
about it much :)

> This plain-text is very useful for debugging,
> and I would imagine troubleshooting in the
> future.

that has already been an issue, yeah.

> I started looking at HTTP DIGEST as this
> discussion started, and it doesn't look good.
> There seemed to have been a lot of MS/Apache
> interop issues in the past.  Hope those have
> been cleared up.
>
> But my big issue is that we use MSXML object
> as our HTTP stack.  A lot of clients are
> going to do this to.  But I haven't found a
> way to manipulate the Auth method as yet.
> Still looking...

my initial inclination is to provide both basic and digest and let the
administrator choose between the two, and to let the administrator
decide whether or not to require a security channel. i don't really
think it's our business to mandate a specific security policy.


More information about the cosmo-dev mailing list