Hi Joe, > On 3 Aug 2021, at 6:33 am, Joseph Salowey <joe@xxxxxxxxxxx> wrote: > [Joe] I think we should deprecate MD5 in all cases and I also think you should treat digest as basic auth and run it over a secure channel in all cases. The text update looks good. There's been some... pushback on list since: https://www.w3.org/mid/2E8A6D6C-50DC-4753-916E-3AE43BBFECAE@xxxxxxxx Would you be comfortable if we just removed the discussion of digest and MD5 completely, and deferred action to an (eventual) update of 7616? Cheers, -- Mark Nottingham https://www.mnot.net/ -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
