Re: [xml-dev] RE: Encoding charset of HTTP Basic Authentication

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

From: John Cowan <cowan@mercury.ccil.org>
To: Richard Salz <rsalz@us.ibm.com>
Date: Mon, 30 Jan 2012 10:51:13 -0500

Richard Salz scripsit:

> The problem with basic-auth is that it requires the name/password to be 
> sent on every single request. The more a password is used, the more it as 
> at-risk. Even over SSL/TLS.  Digest is better because it never sends the 
> password over the wire. It's worse because 

Arrgh!

> Hope this helps.

Let's try that again, eh?

-- 
Knowledge studies others / Wisdom is self-known;      John Cowan
Muscle masters brothers / Self-mastery is bone;       cowan@ccil.org
Content need never borrow / Ambition wanders blind;   http://ccil.org/~cowan
Vitality cleaves to the marrow / Leaving death behind.    --Tao 33 (Bynner)

Follow-Ups:
- Re: [xml-dev] RE: Encoding charset of HTTP Basic Authentication
  - From: Richard Salz <rsalz@us.ibm.com>

References:
- RE: Encoding charset of HTTP Basic Authentication
  - From: "David Lee" <dlee@calldei.com>
- Re: [xml-dev] RE: Encoding charset of HTTP Basic Authentication
  - From: "Pete Cordell" <petexmldev@codalogic.com>
- Re: [xml-dev] RE: Encoding charset of HTTP Basic Authentication
  - From: Richard Salz <rsalz@us.ibm.com>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]