db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew McIntyre" <mcintyr...@gmail.com>
Subject Re: User/password encryption and deployment
Date Sat, 16 Jun 2007 07:35:53 GMT
On 6/15/07, Bill Shannon <bill.shannon@sun.com> wrote:
> I think the idea is to protect the communication between the client
> and the server so that passwords aren't sent in the clear.  None of
> the data being stored in the database is being encrypted, just the
> client/server communication.
> It *is* 2007.  Isn't this pretty much standard by now?

See the discussion in http://issues.apache.org/jira/browse/DERBY-65

SSL is the recommended alternative to using the secure password
protocol defined by the DRDA specification. Bernt Johnsen worked on
this for 10.3, due out shortly, and it appears to be complete:



View raw message