W3C home > Mailing lists > Public > public-identity@w3.org > June 2011

Re: [saag] [websec] Fwd: [http-auth] re-call for IETF http-auth BoF

From: Nico Williams <nico@cryptonector.com>
Date: Wed, 22 Jun 2011 12:08:02 -0500
Message-ID: <BANLkTi=bFUVDTsOeO=wKPS_mHiVOMGT9RA@mail.gmail.com>
To: gogwim@unijos.edu.ng
Cc: "SHIMIZU, Kazuki" <kazubu.lepidum@gmail.com>, "public-identity@w3.org" <public-identity@w3.org>, "http-auth@ietf.org" <http-auth@ietf.org>, "websec@ietf.org" <websec@ietf.org>, "saag@ietf.org" <saag@ietf.org>
On Wed, Jun 22, 2011 at 12:21 PM, GOGWIM, JOEL GODWIN
<gogwim@unijos.edu.ng> wrote:
> Supported.
> Weak and predictable passwords should be avoided.

If you have ZKPPs then weak passwords are OK.

Also, all passwords that users must remember should be considered weak.

Nico
--
Received on Wednesday, 22 June 2011 17:08:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 22 June 2011 17:08:35 GMT