![(please configure the [header_logo] section in trac.ini)](https://www.ietf.org/images/ietflogotrans.gif)
Opened 10 years ago
Closed 10 years ago
#349 closed design (fixed)
Strength
| Reported by: | mnot@… | Owned by: | draft-ietf-httpbis-p7-auth@… |
|---|---|---|---|
| Priority: | normal | Milestone: | 20 |
| Component: | p7-auth | Severity: | In WG Last Call |
| Keywords: | Cc: |
Description
2.1 Challenge and Response - "The user agent MUST choose to use one of the challenges with the strongest auth-scheme it understands..." What does "strongest" mean here? Should we have an index of auth scheme strength as a registry field? This may seem like nit-picking, but we place a MUST against it.
Attachments (1)
Change History (6)
Changed 10 years ago by julian.reschke@…
comment:1 Changed 10 years ago by julian.reschke@…
- Resolution set to fixed
- Status changed from new to closed
comment:2 Changed 10 years ago by julian.reschke@…
- Milestone changed from unassigned to 20
- Resolution fixed deleted
- Status changed from closed to reopened
comment:3 Changed 10 years ago by julian.reschke@…
- Resolution set to incorporated
- Status changed from reopened to closed
comment:4 Changed 10 years ago by mnot@…
- Resolution incorporated deleted
- Status changed from closed to reopened
comment:5 Changed 10 years ago by mnot@…
- Resolution set to fixed
- Status changed from reopened to closed
Note: See
TracTickets for help on using
tickets.
Fixed in [1669]:
Tune the requirements wrt selecting the strongest auth schemes (fixes #349)