Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
From: =?ISO-8859-1?Q?Andr=E9?= Malo <nd@perlig.de>
Subject: Re: [PATCH] mod_auth_digest.c -- EnableQueryStringHack
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Organization: TIMTOWTDI
References: <20030608214308.M4440@cyan.com>
 <Pine.LNX.4.44.0306082144440.18160-100000@deepthought.cs.virginia.edu>
Date: Mon, 9 Jun 2003 04:07:02 +0200
To: dev@httpd.apache.org
Message-ID: <n2m-g.1b7f4jaugshvnndparker@news.perlig.de>
User-Agent: Yes!

* Cliff Woolley wrote:

> On Sun, 8 Jun 2003, Paul Querna wrote:
>=20
>> This Patch is setup to use a BrowserMatch directive to allow MSIE
>> clients to use Digest Authentication.
>=20
> That's strange... I'd have sworn somebody already submitted just such a
> patch.  Might do us well to look back in the archives and find out what
> ever happened with that.

Just my opinion: I don't like it very much, since it decreases security and
violates the RFC very hard. The Client should be fixed, not the server.
...but I won't stand in the way if there are positive votes on it.

nd
--=20
$_=3Dq?tvc!uif)%*|#Bopuifs!A`#~tvc!Xibu)%*|qsjou#Kvtu!A`#~tvc!KBQI!)*|~
tvc!ifmm)%*|#Qfsm!A`#~tvc!jt)%*|(Ibdlfs(~  # What the hell is JAPH? ;
@_=3Dsplit/\s\s+#/;$_=3D(join''=3D>map{chr(ord(  #             Andr=E9 Malo ;
$_)-1)}split//=3D>$_[0]).$_[1];s s.*s$_see;  #  http://pub.perlig.de/ ;