W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

RE: Some comments on Digest Auth

From: David W. Morris <dwm@xpasc.com>
Date: Wed, 21 Jan 1998 09:50:46 -0800 (PST)
To: Paul Leach <paulle@microsoft.com>
Cc: "'dmk@research.bell-labs.com'" <dmk@research.bell-labs.com>, http-wg@cuckoo.hpl.hp.com
Message-Id: <Pine.GSO.3.96.980121095010.5268B-100000@shell1.aimnet.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/5252

On Tue, 20 Jan 1998, Paul Leach wrote:

> irrelevant. The important property about plaintext is that it can be
> replayed. If Digest can be replayed, then it has the property of plaintext
> that we're trying to get rid of, and so we will have accomplished nothing.

No, the important property is that it allows recovery of passwords for
attack on other systems.

Dave Morris
Received on Wednesday, 21 January 1998 09:52:15 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:22 UTC