[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Shared Key Authentication record type

To: Jeff Williams <jwkckid1@xxxxxxxxxxxxx>
Subject: Re: Shared Key Authentication record type
From: Tom Weinstein <tomw@xxxxxxxxxxxx>
Date: Tue, 15 Oct 1996 15:01:22 -0700
Cc: ietf-tls@xxxxxx
Organization: Netscape Communications, Inc.
References: <>
Sender: tomw@xxxxxxxxxxxx

Jeff Williams wrote:
> 
>> No, you've misunderstood me.  I was referring to the particular
>> protocol, such as telnet or HTTP that you wished to add password
>> authentication to.  I still believe that this sort of mechanism does
>> not belong in TLS.
> 
>   In your opinion, what would be the problem adding extension for
> Telnet or HTTP for password authentication?  I would think it is
> a logical inclusion.  I am confused here?  Help me out, ok?

My point was that if you already have to add a more secure password
mechanism to these other protocols because they will be used without
TLS, then it's redundant to add such a mechanism to TLS.

-- 
You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      | tomw@xxxxxxxxxxxx

References:
- Re: Shared Key Authentication record type
  - From: Jeff Williams

Prev by Date: Re: Shared Key Authentication record type
Next by Date: Re: remove
Previous by thread: Re: Shared Key Authentication record type
Next by thread: Re: remove
Index(es):
- Date
- Thread