[dix] Federated Digest Auth
"Hallam-Baker, Phillip" <pbaker@verisign.com> Tue, 28 February 2006 22:45 UTC
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: Digital Identity Exchange <dix@ietf.org>
> From: Dick Hardt [mailto:dick@sxip.com]
>
> There was an IETF BOF on Beyond Basic Auth that I had hoped
> would develop some richer Auth mechanisms within HTTP that
> could work with DIX.

How about Digest? It is supported in practically every browser in use, it is secure against man in the middle attack, it is a standard and a MUST for HTTP/1.1.

It takes practically no work to federate Digest and there is prior art on federation in the original proposal.

If you use the email address as the username, a common realm and SRV records as a discovery mechanism you can implement an interoperable federated auth scheme from existing code in a few hours.

The scheme can be made even more compact and avoid leaking the URI being viewed by passing the HA2 value along with the federated auth request.

It's simple, secure and built on existing standards. When I discussed this with Dan Connolly he had been thinking on very similar lines.
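The HA2 hand-off described in the message above, sketched as an added example that is not part of the original post or of any DIX specification. It uses the RFC 2617 digest formulas; the realm name, the forwarded-request layout and the names `build_forward` and `HomeVerifier` are assumptions made for illustration.

```python
import hashlib
import hmac

REALM = "federation.example"  # assumption: the common realm all sites advertise

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()  # MD5 per RFC 2617

def ha1(username, realm, password):
    return md5_hex(f"{username}:{realm}:{password}")

def ha2(method, uri):
    return md5_hex(f"{method}:{uri}")

def digest_response(ha1_hex, nonce, ha2_hex, nc=None, cnonce=None, qop=None):
    if qop:  # qop=auth form
        return md5_hex(f"{ha1_hex}:{nonce}:{nc}:{cnonce}:{qop}:{ha2_hex}")
    return md5_hex(f"{ha1_hex}:{nonce}:{ha2_hex}")  # legacy form without qop

def home_domain(username):
    # Email-style username; an SRV lookup on this domain (not performed here)
    # would locate the home verifier.
    local, sep, domain = username.rpartition("@")
    if not (local and sep and domain):
        raise ValueError("username must be an email address")
    return domain.lower()

def build_forward(auth, method):
    """Relying site: replace method and URI with HA2 before forwarding."""
    keep = ("username", "realm", "nonce", "nc", "cnonce", "qop", "response")
    fwd = {k: auth[k] for k in keep if k in auth}
    fwd["ha2"] = ha2(method, auth["uri"])
    return home_domain(auth["username"]), fwd

class HomeVerifier:
    """Home domain: holds HA1 per user, never sees the URI or the password."""
    def __init__(self, domain, ha1_by_user):
        self.domain, self.ha1_by_user = domain, ha1_by_user

    def verify(self, fwd):
        try:
            if fwd["realm"] != REALM or home_domain(fwd["username"]) != self.domain:
                return False
            stored = self.ha1_by_user[fwd["username"]]
            expected = digest_response(stored, fwd["nonce"], fwd["ha2"],
                                       fwd.get("nc"), fwd.get("cnonce"), fwd.get("qop"))
            return hmac.compare_digest(expected, fwd["response"])
        except (KeyError, ValueError, TypeError):
            return False
```

Because the home domain only sees HA2, it confirms that the password holder produced the response for that hash, not which resource was requested. Nonce freshness and replay checks stay with the relying site that issued the nonce.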