[3080] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: S/KEY authentication over HTTP protocol

daemon@ATHENA.MIT.EDU (Larry Masinter)
Wed Sep 25 22:28:16 1996

To: jbandy@uswest.net
CC: shipley@dis.org, calai@ncspo3.ncs.com.sg, www-security@ns2.rutgers.edu
In-reply-to: <32495C00.794BDF32@uswest.net> (message from Jim Bandy on Wed, 25
	Sep 1996 09:21:20 PDT)
From: Larry Masinter <masinter@parc.xerox.com>
Date: Wed, 25 Sep 1996 17:34:27 PDT
Errors-To: owner-www-security@ns2.rutgers.edu

> > The basic authentication mechanism of HTTP protocol is fine except that
> >it sends the password over the wire in the clear and would make it

If all you're worried about is passwords over the clear, please see
  http://ds.internic.net/internet-drafts/draft-ietf-http-digest-aa-05.txt

Larry


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3080] in WWW Security List Archive

Re: S/KEY authentication over HTTP protocol

daemon@ATHENA.MIT.EDU (Larry Masinter)Wed Sep 25 22:28:16 1996

daemon@ATHENA.MIT.EDU (Larry Masinter)
Wed Sep 25 22:28:16 1996