[Owncloud] propfind - why always two requests?
hemathor
hemathor at gmx.de
Fri Feb 1 15:32:28 UTC 2013
daniel,
> Where do you see an unencrypted request here? I just see one unauthenticated and one authenticated here. The log tells nothing about the encryption status.
ok, my bad...
> SSL is transport layer security, i.e. in encrypts the data stream, regardless on higher level protocols' authentication scheme. It doesn't know nor care. HTTP auth is then applied on top (i.e. inside the encrypted data stream),
that much i knew
> and the way it works is to issue a request, and wait for the server to ask for authentication (which it does, 401). The client will then follow up with an attempt to present its credentials, which succeeds (207, webdav multi status).
ant that's what bothers me... as someone else already mentioned, i consider an unauthenticated request as unnecessary, if authentication is already known as required. regardless if the cost of an http-request is with today's cpu-power and network bandwith close to neglectible... it's still unnecessary... and it fills up the log...
but i can totally understand if there are more important things to fix.
greetings...
--
======================================================================
e-mails are like postcards! everyone can read them...
======================================================================
for more information about encryption see:
- http://openpgp.org/
- https://en.wikipedia.org/wiki/Pretty_good_privacy (english)
- https://de.wikipedia.org/wiki/Pretty_Good_Privacy (deutsch)
======================================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20130201/d88edde6/attachment.sig>
More information about the Owncloud
mailing list