httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <>
Subject Re: [PATCH] Candidate 1: Re: 1.3.3x digest/nonce issue
Date Wed, 14 Apr 2004 12:08:01 GMT
Joshua Slive wrote:
> I do have one question about this:  Is anyone actually using mod_digest?
> I was under the impression that there doesn't exist any client that can
> interoperate with this module (as opposed to mod_auth_digest, which
> supports modern clients).  If this is true, why don't we just delete the
> darn thing?

AFAIK, it's the IE variety that fails to work with mod_digest,
but most others do. I have no idea on how widely used the
module itself is, but our options are:

   1. Remove it
   2. Demote it to experimental with a note that it
      suffers from this bug
   3. Fix it.
   4. Ignore it.

#4 is not under consideration at present. #3 seems like the
"right" thing to do, but only if it doesn't result in 1.3.3x
being delayed for weeks. #2 is reasonable, if only we didn't
have to worry about the CVS aspects of the move (yeah svn!)

   Jim Jagielski   [|]   [|]
      "A society that will trade a little liberty for a little order
             will lose both and deserve neither" - T.Jefferson

View raw message