httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roy Fielding <>
Subject Re: secure transfer using skey
Date Fri, 01 Sep 1995 18:55:09 GMT
>I think the skey code is PD, so could be dropped into clients and
>I must be missing something, cos this is just too simple.

As I recall, keeping the clients and server synchronized is
the problem -- skey assumes too much about the quality of the
communication link.  There is a revised version of skey (with
a different name) now out as an Internet Draft, but I can't remember
the name.  It might be referenced in the www-security archives.

Phill Hallam-Baker is the person here who knows about that stuff
(I avoid it like the plague, since security requires too much time
to keep up to date).  Phill ( will likely
talk your ear (or fingers) off on the subject.


View raw message