James Holderness wrote:
In our aggregator we currently support Basic, Digest and NTLM authentication, but no TLS/SSL. This is the same code that we will be using for our APP client so obviously you're getting the same capabilities. TLS is something I intend to do at some point, but it hasn't been considered a priority since it's a lot of work and there didn't appear to be that many feeds that required it. For an APP client, though, I can see how that might be more of an issue, so I expect it'll become a higher priority when we get to that point in the development.
For the kinds of enterprise scenarios we're looking at, HTTPS/SSL/TLS support is a critical requirement, for both the feed reader and the APP client.
Looking at the code now I notice I also had intended to implement WSSE authentication but I must have put that on hold when I realised it wasn't likely to be needed for the aggregator. I remember way back when APP was first being discussed, WSSE was considered somewhat essential - is that no longer the case?
We don't intend to implement WSSE authentication for APP at this point. - James
