Hi, > I doubt it will be possible to use exactly the same methods for HTTP, > XMPP, SMTP and IMAP. The latter three (XMPP, SMTP and IMAP) are > session based, and might require authentication/authorization only > once during a session. HTTP is stateless (at least in general), so > some thought needs to be given to extending the auth across multiple > requests. While I agree there may be some differences between application protocols, it is the primary authentication method that must be shared. Consider the case where some sort of authentication subsystem sits outside each application. So long as the API for that can be shared, we're probably good. If HTTP requires a method to retain state across connections that is HTTP's business. I would not link the two together.
Eliot _______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
