Last nice I came across Stanford's WebAuth site again, and this time took a second look at it. Couple of things I noticed:
Questions to answer:
I use Cyrus SASL in my mail servers, and CURL in some of my PHP implementations, and I defintely use Apache all the time in many instances. I've experimented with LDAP and would love to get it more integrated with our operations, but I just haven't gotten a firm enough grasp of it. And from the community side, it seems to have solid but slightly waning support as a protocol - its respected but not widely popular. Why is that I wonder? Am I missing something?