[Twisted-Python] Something strange about cred
Phil Mayers
p.mayers at imperial.ac.uk
Fri Feb 9 06:24:29 EST 2007
David Reid wrote:
>
>> Death to HTTP digest authentication!
>
> I don't know, I definitely prefer digest authentication[1] to sending
> my password in plaintext[2]
+1
web2 auth is a much better architecture.
I only spent a few hours looking at it (primarily looking at how Apples
CalDAV server implemented SPNEGO - very neat) but it seemed to me that
it could issue multiple WWW-Authenticate headers and the browser should
pick and reply to the appropriate one.
Was my understanding correct? If so, why did the digest checker cause this?
More information about the Twisted-Python
mailing list