Re: Provocation ignored: Atom Protocol Authentication

[jpanzer@xxxxxxx (John Panzer)]

Robert Sayre wrote:

> John Panzer wrote:
>
> > I haven't seen any responses, positive, negative, or confused, to 
> > PaceAuthentication:
> >
> > http://intertwingly.net/wiki/pie/PaceAuthentication
> >
> > Thoughts?
>
>
> I reject the Pace's premise, I think.
>
> "Lack of agreement on authentication and security could easily cause 
> interoperability problems between Atom clients and servers."
>
> I'd like a bit more explanation of the problem this proposal is 
> seeking to solve, and why it is successful.
Many Atom operations might require authentication depending on the 
context.  To pick a common one, posting a new entry will usually require 
authentication and authorization on the server side.

If server A requires, say, HTTP Basic auth over HTTPS, but client B only 
does, say, HTTP Digest auth and doesn't have an SSL library, client B 
and server A will not work together.

I could go on, but I'll stop there and ask:  Do people feel that this is 
not really going to happen? Or that if it happens, it's not a problem?

-John