On Jan 25, 2023, at 9:49 AM, Eliot Lear <l...@lear.ch> wrote: > > In thinking about this flow, the real issue boils down to this: > > If the user is going to use 2FA, then the peer needs to know in advance. If > the peer tries to use Basic Auth and server won't accept it, it should simply > produce an error. That's the simplifying flow. > > If the peer doesn't know that 2FA is to be used, then the mechanics of all of > this become a mess.
It's also that the server doesn't know what authentication method to use, because it doesn't know anything about the user until it's chosen the "wrong" method. Alan DeKok. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
