[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Write-up at xml.com from Mark Pilgrim on using HTTP authentication with WSSE
Username Token as an authentication technique for the AtomAPI .
The only thing that bothers me is that there's a lot here to suggest that
this system has already been adopted as part of the spec, but the current
draft leaves out discussion of authentication (it's "elided" see ), and I
couldn't find much on the Wiki ( seemed closest). There doesn't seem to
be anything conclusive on list.
The approach described in the article is certainly promising (I'd give it my
+1). But that's not the same as : "So that's what Atom authentication looks
like and that's why." This suggests that the technique described has been
fully discussed and accepted by the Atom community, which as far as I am
aware isn't the case (Side question - who are the vendors that have deployed
this? How did they know?).
I see there's a write-up of the format in the pipeline. I'd like to
respectfully ask Mark to ensure this refers to the consensus spec, rather
than a personal view of how the spec should look (unless of course the
'opinion' nature of the piece is made clear). We've already seen with RSS
how a single loud voice is enough to mess up a community, I trust this won't
be a recurrence.