OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Re: [xml-dev] RE: Encoding charset of HTTP Basic Authentication

On Jan 30, 2012, at 2:52 PM, Pete Cordell wrote:

> A quick question before I do though, does Digest require the server to have access to the password in clear text form, whereas Basic allows the server to store the password in some hashed form?

That's the crux of it: digest is not worth the complications IMO.

If you care about the integrity of the transport channel, use TLS.

If you use TLS, basic is all what you need.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS