cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Uli Mayring <u...@denic.de>
Subject Re: Off topic but imho important
Date Fri, 15 Sep 2000 23:17:39 GMT
On Fri, 15 Sep 2000, OD wrote:

> Is your auth taglib not up to this Ulrich?

Um, yes :)

It does what I suggested: perform authentication and connect a session to
it. This is still vulnerable to a man-in-the-middle attack and someone
breaking into your webserver. But it's about as much as can be done
without spending serious $$$. You can of course throw some kind of
encryption on top of auth, like md5 or whatever, but in my mind without a
site certicicate this still doesn't protect from man-in-the-middle
attacks.

Ulrich


Mime
View raw message