[Ietf-http-auth] summarize dinner-bof?

RL 'Bob' Morgan rlmorgan at washington.edu
Wed Nov 9 13:52:24 PST 2005


I am intending to do so, but maybe not until Friday.  Others welcome to 
offer their versions, of course.

As a one-sentence no-doubt-only-semi-accurate summary:  we sketched out a 
way to integrate the SASL framework into HTTP (a rather different way than 
draft-nystrom-http-sasl-12.txt), relying on the authentication mechanism 
to provide material for channel binding in TLS, and relying on cookies (or 
perhaps some more focused cookie-like mechanism) for state management of 
the resulting session (which might of course span not only TCP connections 
but TLS sessions).

  - RL "Bob"

On Wed, 9 Nov 2005, Leif Johansson wrote:

>
> Maybe someone could summarize the outcome (as it was) of the
> dinner-bof last night? It felt like there was some level of
> agreement (at least where people could hear what was going on :-) )
> around a strawman from Eric.
>
> 	Cheers Leif


More information about the Ietf-http-auth mailing list