From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Tue, 29 Aug 2006 18:32:58 -0700
From: Lyndon Nerenberg <lyndon@orthanc.ca>
To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu>
Subject: Re: [9fans] Pegasus 2.2 is released
In-Reply-To: <4CD56F45-B4AE-4EB1-9DE6-95A9F51AA501@ar.aichi-u.ac.jp>
Message-ID: <20060829182506.S21458@orthanc.ca>
References: <989cbe7a0e4a6b533c8a48845020a564@9netics.com>
	<4CD56F45-B4AE-4EB1-9DE6-95A9F51AA501@ar.aichi-u.ac.jp>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Topicbox-Message-UUID: aa2d9b4e-ead1-11e9-9d60-3106f5b1d025

> Implementing digest authentication is not difficult.
> However, if we want to change owner of running httpd by digest 
> authentication,
> then we should consider many many problems.

Digest is a bit of a hybrid in that it does authentication, and also 
provides data integrity and protection.  It would be nice to implement the 
transport layer part in a manner analogous to TLS.  I'm currently hacking 
on Plan 9's IMAP support, and SASL DIGEST with encryption is high on the 
TODO list. (It's a toss-up as to whether DIGEST-MD5 or STARTTLS has the 
wider deployment, but software that supports one tends not to support the 
other, so it's useful to have both for interoperability's sake.)

--lyndon