WebDAV is very likely to meet the security requirements of a custom application, thanks to the security solutions that already exist for HTTP. HTTP/1.1 supports several authentication schemes; these are used in exactly the same way with WebDAV. Encryption is typically provided with SSL or TLS.

Basic Authentication

Basic authentication uses plain-text passwords. These are only sufficient for the most insecure applications, unless the entire connection is protected with transport layer encryption.

Digest Authentication

Digest is not considered to be quite secure, although it is so vastly preferable to Basic that there is little reason not to use it. Since Digest authentication requires extra roundtrips, it does slow down a protocol interaction, so implementors frequently choose the option to reuse "nonces" for the duration of a session. As long as an old nonce is used, Digest is subject to replay attacks: attackers can copy the digest header from somebody else's message to authenticate themselves improperly to the same server.

SSL and TLS

SSL and TLS can easily be used to provide many important security features for WebDAV. In particular, encryption, message integrity, and certificates to verify server credentials are all easily provided. It's a little more complicated to set up SSL to authenticate client requests (e.g., for access control), because the client must have a certificate, and certificate distribution is not yet widespread. Instead, Basic authentication is used once the connection is secure. Most Web servers, as well as most Web browsers, support SSL now, although WebDAV applications may not.

Authorization and Access Control

Authorization involves granting to specific users the authority to do specific operations. Even without supporting the Access Control specification, a WebDAV server can provide detailed and fine-tuned access control. The only problem is that administering access control must be done through some out-of-band mechanism. For instance, a Web-based interface could be built to allow management of access control by many users, or administrative tools could allow management of access control only by administrators.
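
The nonce-reuse risk described under Digest Authentication can be limited on the server by tracking the nonce count (`nc`) that RFC 2617 defines for `qop=auth`. The following is an added example, not code from the original page; `NonceTracker`, the 300-second lifetime and all sample values are hypothetical and constructed for illustration.

```python
import hashlib, hmac

def md5_hex(s):
    return hashlib.md5(s.encode()).hexdigest()

def digest_response(user, realm, password, method, uri, nonce, nc, cnonce):
    """RFC 2617 'response' value for qop=auth."""
    ha1 = md5_hex(f"{user}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

class NonceTracker:
    """Hypothetical server-side state: a nonce may be reused for a session,
    but every request on it must carry a strictly higher nonce count (nc)."""
    def __init__(self, lifetime=300):
        self.lifetime = lifetime
        self.state = {}                      # nonce -> (issued_at, highest nc seen)

    def issue(self, nonce, now):
        self.state[nonce] = (now, 0)

    def check(self, hdr, method, password, now):
        entry = self.state.get(hdr["nonce"])
        if entry is None or now - entry[0] > self.lifetime:
            return "stale"                   # unknown or expired: send a new challenge
        expected = digest_response(hdr["username"], hdr["realm"], password, method,
                                   hdr["uri"], hdr["nonce"], hdr["nc"], hdr["cnonce"])
        if not hmac.compare_digest(expected, hdr["response"]):
            return "bad-credentials"
        nc = int(hdr["nc"], 16)
        if nc <= entry[1]:
            return "replay"                  # same or older nc: a copied header
        self.state[hdr["nonce"]] = (entry[0], nc)
        return "ok"

def demo():
    # Constructed sample values, not taken from any real server.
    user, realm, pw, uri, nonce = "alice", "dav", "s3cret", "/docs/a.txt", "n-0001"
    def header(method, nc):
        return {"username": user, "realm": realm, "uri": uri, "nonce": nonce,
                "nc": nc, "cnonce": "c-42",
                "response": digest_response(user, realm, pw, method, uri, nonce, nc, "c-42")}
    srv = NonceTracker(lifetime=300)
    srv.issue(nonce, now=1000)
    first = header("PROPFIND", "00000001")
    return [srv.check(first, "PROPFIND", pw, now=1001),   # legitimate request
            srv.check(first, "PROPFIND", pw, now=1002),   # identical header sent again
            srv.check(first, "DELETE", pw, now=1003),     # same header, other method
            srv.check(header("PROPFIND", "00000002"), "PROPFIND", pw, now=1004),
            srv.check(header("PROPFIND", "00000003"), "PROPFIND", pw, now=2000)]
```

A server that skips the `nc` comparison would answer "ok" to the second request, which is the replay the section describes.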