Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 18958 invoked from network); 29 Sep 2005 21:11:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 29 Sep 2005 21:11:36 -0000 Received: (qmail 27033 invoked by uid 500); 29 Sep 2005 21:11:32 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 26985 invoked by uid 500); 29 Sep 2005 21:11:31 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 26972 invoked by uid 99); 29 Sep 2005 21:11:31 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Sep 2005 14:11:31 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: neutral (asf.osuosl.org: local policy) Received: from [69.225.174.131] (HELO x.win.covalent.net) (69.225.174.131) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Sep 2005 14:11:36 -0700 Received: from [192.168.0.21] ([24.13.128.132]) by x.win.covalent.net over TLS secured channel with Microsoft SMTPSVC(5.0.2195.6713); Thu, 29 Sep 2005 14:09:40 -0700 Message-ID: <433C5831.7070706@rowe-clan.net> Date: Thu, 29 Sep 2005 16:10:09 -0500 From: "William A. Rowe, Jr." User-Agent: Mozilla Thunderbird 1.0.6-1.1.fc3 (X11/20050720) X-Accept-Language: en-us, en MIME-Version: 1.0 To: dev@httpd.apache.org, dav-dev@lyra.org Subject: [Fwd: HTTP authentication] Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 29 Sep 2005 21:09:40.0859 (UTC) FILETIME=[1B6954B0:01C5C53A] X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N I expect some on this list would be interested in the discussion list below. -------- Original Message -------- Subject: HTTP authentication Date: Thu, 29 Sep 2005 13:07:54 -0700 From: Lisa Dusseault To: HTTP working group , CalDAV DevList , WebDav WG Talking with various potential CalDAV deployers lately, there's a perceived need for better HTTP authentication mechanisms: ones which can deal with federated identity and single sign-on. I've also heard people respond "what's the problem? Put an authentication proxy in the proxy path" or suggest HTTP-SASL or a number of other possible solutions to possible problems. So, we probably need first to discuss whether there is a problem, and if so, what to do about it. There's been a suggestion to hold a BOF in Vancouver (if it's not too late to plan one) to see who the interested parties are and start defining (or defining away) the problem. Another idea is to hold a workshop at some point after we've identified the interested parties. Anyway, I've started a separate discussion list for this topic-- I didn't want to spam the general HTTP list or make people who weren't interested in general HTTP issues (but only in authentication for CalDAV/WebDAV) join that list. Please join and chime in any time about what you perceive the problem or lack of problem to be or leap straight to what ought to be done. http://lists.osafoundation.org/cgi-bin/mailman/listinfo/ietf-http-auth Lisa