[338] in WWW Security List Archive
Re: Experimental implementation of SimpleMD5
daemon@ATHENA.MIT.EDU (Albert Lunde)
Tue Jan 24 19:32:20 1995
To: www-security@ns2.rutgers.edu
Date: Tue, 24 Jan 1995 13:03:06 -0600 (CST)
Cc: http-wg@cuckoo.hpl.hp.com
In-Reply-To: <9501241044.AA08513@dxmint.cern.ch> from "hallam@axal04.cern.ch" at Jan 24, 95 11:44:27 am
From: Albert-Lunde@nwu.edu (Albert Lunde)
Reply-To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Phillip wrote (in part) on www-security:
> Proposals:-
>
> 1) We authenticate the message body
> 2) All things being equal we make it as compatible with S-HTTP as possible
> 3) The discussion of a security scheme for the Web take place on the mailing
> list the IETF has been told is the official forum for such schemes.
> 4) We get something out fast enough that it can be included in HTTP/1.1
In this connection, the www-security list may be the correct forum
to talk about the security aspects. It seems to me that it would
help to also spell out to the HTTP list what basic set of headers need to be
used to negotate the use of this scheme and maintain upward compatibility
with S-HTTP.
Discussion may have started on the HTTP list because of its readership
or because it has been more active lately...
--
Albert Lunde Albert-Lunde@nwu.edu
