[Ietf-http-auth] summarize dinner-bof?
RL 'Bob' Morgan
rlmorgan at washington.edu
Wed Nov 9 13:52:24 PST 2005
I am intending to do so, but maybe not until Friday. Others welcome to
offer their versions, of course.
As a one-sentence no-doubt-only-semi-accurate summary: we sketched out a
way to integrate the SASL framework into HTTP (a rather different way than
draft-nystrom-http-sasl-12.txt), relying on the authentication mechanism
to provide material for channel binding in TLS, and relying on cookies (or
perhaps some more focused cookie-like mechanism) for state management of
the resulting session (which might of course span not only TCP connections
but TLS sessions).
- RL "Bob"
On Wed, 9 Nov 2005, Leif Johansson wrote:
> Maybe someone could summarize the outcome (as it was) of the
> dinner-bof last night? It felt like there was some level of
> agreement (at least where people could hear what was going on :-) )
> around a strawman from Eric.
> Cheers Leif
More information about the Ietf-http-auth