W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

RE: Some comments on Digest Auth

From: David W. Morris <dwm@xpasc.com>
Date: Wed, 21 Jan 1998 09:50:46 -0800 (PST)
To: Paul Leach <paulle@microsoft.com>
Cc: "'dmk@research.bell-labs.com'" <dmk@research.bell-labs.com>, http-wg@cuckoo.hpl.hp.com
Message-Id: <Pine.GSO.3.96.980121095010.5268B-100000@shell1.aimnet.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/5252


On Tue, 20 Jan 1998, Paul Leach wrote:

> irrelevant. The important property about plaintext is that it can be
> replayed. If Digest can be replayed, then it has the property of plaintext
> that we're trying to get rid of, and so we will have accomplished nothing.
> NOTHING!

No, the important property is that it allows recovery of passwords for
attack on other systems.

Dave Morris
Received on Wednesday, 21 January 1998 09:52:15 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:22 UTC