[4557] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Basic Authentication

daemon@ATHENA.MIT.EDU (David Kennedy)
Fri Feb 21 11:32:44 1997

Date: Fri, 21 Feb 1997 09:09:54 -0500
From: David Kennedy <76702.3557@compuserve.com>
To: Aaron Abelard <aarona@iquest.net>,
        WWW Security List <WWW-SECURITY@ns2.rutgers.edu>
Errors-To: owner-www-security@ns2.rutgers.edu

 >> the  username and password used in Basic Authentication is
 >> sent as clear  text.  Does this not allow for the possibility
 >> of the information being  snooped?  Also, are there any
 >> authentication schemes in use other than  Basic?  

Establish an SSL session first.

Regards,

_____________________
Dave Kennedy CISSP
Protect what you connect
Look both ways before crossing the net
Dir, Research, Nat'l Computer Security Assoc.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4557] in WWW Security List Archive

Basic Authentication

daemon@ATHENA.MIT.EDU (David Kennedy)Fri Feb 21 11:32:44 1997

daemon@ATHENA.MIT.EDU (David Kennedy)
Fri Feb 21 11:32:44 1997