[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: HTTP Authentication Options

To: Julian Reschke <julian.reschke@xxxxxx>
Subject: Re: HTTP Authentication Options
From: Eric Rescorla <ekr@xxxxxxxxxxxxxxxxxxxx>
Date: Mon, 17 Jul 2006 10:15:26 -0700
Cc: atom-syntax@xxxxxxx, secdir@xxxxxxx
In-reply-to: Your message of "Mon, 17 Jul 2006 19:13:17 +0200." <44BBC52D.3030007@xxxxxx>
List-archive: <http://www.imc.org/atom-syntax/mail-archive/>
List-id: <atom-syntax.imc.org>
List-unsubscribe: <mailto:atom-syntax-request@imc.org?body=unsubscribe>
Sender: owner-atom-syntax@xxxxxxxxxxxx

Julian Reschke <julian.reschke@xxxxxx> wrote:
> thanks for the good summary (with which I agree).
> 
> Obviously it's a good idea for IETF specs that are based on HTTP to
> talk about authentication options. What's really not clear to me why
> it is expected that this exercise should be repeated for each and
> every application of HTTP.
> 
> Wouldn't it make a lot more sense if there'd be a single BCP about the
> (currently) best way to do HTTP authentication (understanding that
> this may be a moving target), and let other specs such as AtomPub
> reference it?

This seems like a reasonable option to me, but of course it would
hold up every HTTP draft until such document existed... :)

-Ekr

References:
- Re: HTTP Authentication Options
  - From: Julian Reschke

Prev by Date: Re: HTTP Authentication Options
Next by Date: Re: HTTP Authentication Options
Previous by thread: Re: HTTP Authentication Options
Next by thread: Re: HTTP Authentication Options
Index(es):
- Date
- Thread