...
It may desireable for this project to leverage the infrastructure being created by the WebSSO project but that is not a firm requirement at this time.
The project should support the use of non-null instance user identifiers, e.g. JohnDoe@ATHENA.MIT.EDU and JohnDoe/root@ATHENA.MIT.EDU.
The WebDAV protocol is designed to run on top of HTTP. WebDAV does not specify any new authentication mechanisms, instead it defers to HTTP's mechanisms. HTTP currently only defines basic and digest authentication. Most more sophisticated web applications use the presentation layer of the browser to add more sophisticated mechanisms to the session. WebDAV clients do not normally provide a rich presentation layer where the server can introduce new security methods.
...