leifj at it.su.se
Mon Mar 6 14:36:40 PST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Scott Cantor wrote:
>> However, the solutions suitable for an SOAP/HTTP client which is part of
>> an n-tier application may well differ significantly from those of a
>> caldav client where there is probably a user somewhere close at hand.
> SOAP/HTTP is a third (or more) set of considerations over and above the
> kinds of issues that come up for HTTP. I personally agree with PHB that
> defining yet more shared secret approaches just isn't all that useful
> because it's a very small improvement over what I can already do. I don't
> want a shared secret, period.
> But that's where one size still doesn't fit all because some people want a
> much smaller improvement.
Speaking for myself I want a larger improvement - I want kerberos with
credentials forwarding :-) Doing this for SOAP using WS-Security will be
a very big change. Doing it using Negotiate will be relatively minor.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Ietf-http-auth