> Please, SSL has nothing to do with Digest Authentication. It is not > a replacement unless you believe that every password protected page > should also be encrypted. SSL does allow a null-cipher -- in Netscape Servers it's enabled via choice "No encryption, only MD5 message authentication". This provides certificate based authentication and message integrity on HTTP data, but the data is not encrypted, so there's minimal overhead. Cheers, -- Ari Luotonen, Mail-Stop MV-061 Opinions my own, not Netscape's. Netscape Communications Corp. ari@netscape.com 501 East Middlefield Road http://home.netscape.com/people/ari/ Mountain View, CA 94043, USA Netscape Proxy Server DevelopmentReceived on Tuesday, 15 April 1997 16:52:04 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:34 EDT