[Ietf-http-auth] draft-sayre-http-hmac-digest-00
Leif Johansson
leifj at it.su.se
Mon Mar 6 14:36:40 PST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Scott Cantor wrote:
>> However, the solutions suitable for an SOAP/HTTP client which is part of
>> an n-tier application may well differ significantly from those of a
>> caldav client where there is probably a user somewhere close at hand.
>
> SOAP/HTTP is a third (or more) set of considerations over and above the
> kinds of issues that come up for HTTP. I personally agree with PHB that
> defining yet more shared secret approaches just isn't all that useful
> because it's a very small improvement over what I can already do. I don't
> want a shared secret, period.
I agree.
>
> But that's where one size still doesn't fit all because some people want a
> much smaller improvement.
>
Speaking for myself I want a larger improvement - I want kerberos with
credentials forwarding :-) Doing this for SOAP using WS-Security will be
a very big change. Doing it using Negotiate will be relatively minor.
Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEDLl48Jx8FtbMZncRAjaEAKCntkJyQ3JsWbknxsnrtu32hrVHXQCfSly/
+TycX1U6F1h8EW/o7TU6dic=
=p+GE
-----END PGP SIGNATURE-----
More information about the Ietf-http-auth
mailing list