Re: Kerberos authentication for HTTP/1.0

"Peter Lister, Cranfield Computer Centre" <ccprl@xdm001.ccc.cranfield.ac.uk>
Message-id: <9305250913.AA10959@xdm039>
To: www-talk@nxoc01.cern.ch
Cc: ccprl@xdm001.ccc.cranfield.ac.uk
Subject: Re: Kerberos authentication for HTTP/1.0 
In-Reply-To: Your message of "Mon, 24 May 93 20:13:42 BST."
             <9305241913.AA14966@xdm001> 
Date: Tue, 25 May 93 10:13:48 BST
From: "Peter Lister, Cranfield Computer Centre" <ccprl@xdm001.ccc.cranfield.ac.uk>
> This is fine, I only said the browser should detect failure due to Payment
> Required (code 402) and initiate a dialog that requests the password, I
> didn't say you couldn't exec kinit to do the work.  I just don't want the

OK, fair enough. But you didn't say I could, and I'm usually right to
assume (omission in description) -> (lack of function) (e.g. when
reading vendorhype).

> FYI: the problem I'm trying to solve is not so much local access to
> documents (you could simply check IP address for that and get most of what
> you need) but rather the purchasing of books and other services over the
> Internet.

I appreciate that you're interested in publishing. So am I, but I have
a more immediate requirement which ordinary Kerberos will satisfy. I
want to restrict certain document to certain INDIVIDUALS, but allow
those individuals to use ANY workstation (even at a remote site). IP
address filtering won't do that. I don't want simple Kerberos
functionality to be delayed for months while the rest of the community
argues about the finer point of widespread publication.

If this sounds really negative, it's not meant to be. I loudly applaud
the efforts of the folk who are doing this! :-)   :-0 :-0 :-0 (3 cheers)

Peter Lister                                    p.lister@cranfield.ac.uk
Computer Centre,
Cranfield Institute of Technology,        Voice: +44 234 754200 ext 2828
Cranfield, Bedfordshire MK43 0AL England    Fax: +44 234 750875