cshotton@biap.com (Chuck Shotton) said: > >[Dave Kristol said:] > >Fair enough. How about using the server-name in place of realm, then? > >(After all, it's possible two webmasters might choose the same realm > >name on different servers, isn't it!) That would render the same > >username/password combination unique on different machines. So the > >stored hash would be: > > H(<username> : <server-domain-name> : <password>) > > This isn't any better, given that one user may have multiple occurences of > the same name and password for different realms. (It happens!) The best > would be a combination of host domain name and realm name. True enough. But encoding the realm name (along with host domain name) in the stored string would return me to the dilemma I had before: what if I need/want to change domain name? The entire password file becomes invalid. Dave KristolReceived on Monday, 17 July 1995 08:16:28 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:23 EDT