httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob McCool <r...@netscape.com>
Subject Re: Digest authentication q...
Date Sat, 10 Jun 1995 01:31:19 GMT
/*
 * "Re: Digest authentication q..." by Brandon Long <blong@uiuc.edu>
 *    written Mon, 5 Jun 1995 22:20:26 -0500 (CDT)
 * 
 * Which means, we're stuck with trying to make the password files
 * non-world readble.  *sigh*
 *
 */

We were ready to place digest auth in our 1.1 clients and servers
until we found that out... as far as we could surmise there was no way
to avoid having enough information in the clear on the server machine
for a person to create repeat attacks.

--Rob

Mime
View raw message