OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Re: [xml-dev] RE: Encoding charset of HTTP Basic Authentication

Convenient doesn't mean good though.  I think it _can_ be used over TLS, but 
since HTTP needs to support other schemes for non-TLS I can't see the point. 
I don't think it would accepted if it was introduced today.

Pete Cordell
Codalogic Ltd
Interface XML to C++ the easy way using C++ XML
data binding to convert XSD schemas to C++ classes.
Visit http://codalogic.com/lmx/ or http://www.xml2cpp.com
for more info
----- Original Message ----- 
From: "Petite Abeille" <petite.abeille@gmail.com>
To: "xml-dev" <xml-dev@lists.xml.org>
Sent: Sunday, January 29, 2012 8:33 PM
Subject: Re: [xml-dev] RE: Encoding charset of HTTP Basic Authentication

On Jan 29, 2012, at 9:17 PM, Pete Cordell wrote:

> My understanding is that Basic is essentially considered insecure

Basic is convenient, universally  supported, and meant to be used over TLS 
if you care about this kind of things.


XML-DEV is a publicly archived, unmoderated list hosted by OASIS
to support XML implementation and development. To minimize
spam in the archives, you must subscribe before posting.

[Un]Subscribe/change address: http://www.oasis-open.org/mlmanage/
Or unsubscribe: xml-dev-unsubscribe@lists.xml.org
subscribe: xml-dev-subscribe@lists.xml.org
List archive: http://lists.xml.org/archives/xml-dev/
List Guidelines: http://www.oasis-open.org/maillists/guidelines.php

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS