Re: Gen-ART LC Review ofdraft-ietf-geopriv-http-location-delivery-14.txt



On Jun 8, 2009, at 11:58 PM, Thomson, Martin wrote:

[1] The document is clear on its use of digest/basic: the LIS MUSTNOT rely on it being used. That’s in recognition of the aboveconstraint. In other words, the LIS MUST NOT fail a request becausethe device did not provide authentication. That doesn’t prevent itfrom being used in an extension to the protocol.

That may have been the intent, but the wording is of the form "MUSTNOT relay on [cookies] or _use_ Basic or Digestauthentication." (emphasis mine). So if you edit out the cookiesphrase, it says you MUST NOT use basic or digest authentication.

Mary proposed in a separate email to relax that to a SHOULD NOT-but ifI recall that was still SHOULD NOT rely on cookies or _use_ digest.

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

RE: Gen-ART LC Review ofdraft-ietf-geopriv-http-location-delivery-14.txt, Bernard Aboba

Next by Date:

Re: Gen-ART LC Review of draft-ietf-geopriv-http-location-delivery-14, Ben Campbell

Previous by Thread:

RE: Gen-ART LC Review ofdraft-ietf-geopriv-http-location-delivery-14.txt, Thomson, Martin

Next by Thread:

Call for Nomination: RFC Series Editor, IAB Chair

Indexes:

[Date] [Thread] [Top] [All Lists]