W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

RE: Some comments on Digest Auth

From: David W. Morris <dwm@xpasc.com>
Date: Wed, 21 Jan 1998 09:50:46 -0800 (PST)
To: Paul Leach <paulle@microsoft.com>
Cc: "'dmk@research.bell-labs.com'" <dmk@research.bell-labs.com>, http-wg@cuckoo.hpl.hp.com
Message-Id: <Pine.GSO.3.96.980121095010.5268B-100000@shell1.aimnet.com>

On Tue, 20 Jan 1998, Paul Leach wrote:

> irrelevant. The important property about plaintext is that it can be
> replayed. If Digest can be replayed, then it has the property of plaintext
> that we're trying to get rid of, and so we will have accomplished nothing.

No, the important property is that it allows recovery of passwords for
attack on other systems.

Dave Morris
Received on Wednesday, 21 January 1998 09:52:15 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:11 EDT