Sam, Thankyou for correcting me on this.
It is very unfortunate that so many companies/people are using, or considering using this 'individual submission' for their Kerberos web authentication needs. I keep hearing about references to products/companies/people who have added this SPNEGO protocol to Apache, Netscape, Mozilla etc. just so that their products can remain compatible with Microsoft IE and IIS. It appears Apple did the same ... If will be useful, if in the future this submission gets taken by somebody, improved and progressed through IETF. Looks like we will have to live with it for now ! Tim. -----Original Message----- From: Sam Hartman [mailto:[EMAIL PROTECTED] Sent: 05 December 2003 17:42 To: Tim Alsop Cc: swbell; [EMAIL PROTECTED] Subject: Re: Macintosh Safari Browser and IIS with Kerberos >>>>> "Tim" == Tim Alsop <[EMAIL PROTECTED]> writes: Tim> Sam, Tim> Surely one view to take on this is : Tim> Apple have taken a decision to implement the IETF draft Tim> protocol that Microsoft use in IE and IIS. They have done Tim> this, but not correctly. If they are going to implement an Tim> IETF draft they should make their browser work the same way Tim> that IE works so that IIS cannot tell the difference ??? This is wrong on so many levels, including: * The protocol is an individual submission, not an IETF draft. It has not been subjected to IETf review, and the review it has received is rather negative. * The draft does not mandate any particular policy for when credentials are delegated. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
