[
Lists Home |
Date Index |
Thread Index
]
On Thu, 8 Jan 2004 11:02:48 -0500
jcowan@reutershealth.com wrote:
> Alaric B Snell scripsit:
>
> > >Please elaborate. Is it a browser issue? a server issue? Is it
> > >implemented but just not turned on. Name names. Who deserves praise
> > >and who deserves calumny? Inquiring minds want to know.
> >
> > Let me see...
> >
> > http://static.userland.com/userLandDiscussArchive/msg012483.html
> >
> > http://www.unixpapa.com/auth/basic.html#sec2.2
> > \-> ('2.2.3. Why Digest Authentication Isn't Used')
>
> Specifically, BorgClients interoperate only with BorgServers and vice
> versa.
Ha! I wondered about that. MS's "WebFolders" works fine with Apache
using basic auth, but breaks with digest. In order to use digest on an
apache+webdav server, if the clients are running windows, they have to
purchase a third-party program that implements digest correctly
(webdrive, f'rinstance).
BTW, and just as an aside: there are strong reasons for *not* using SSL
at times. For instance, if I am editing a web site, then I really *do
not need* confidentiality (the pages are going to be publicly viewed), I
just wanna make sure that random strangers can't make edits. And if the
pages are large, I do not *want* the overhead of encrypting published
information merely to provide access control. WebDAV+digest is a good
solution for that (unless you're using windows to edit on an apache
server, that is).
Amy!
--
Amelia A. Lewis amyzing {at} talsever.com
A hundred thousand lemmings can't be wrong.
|
