Re: New version of Passwords in the Clear

Vincent Quint scripsit:

> Thanks to Ed, a new version of the draft finding "Passwords in the Clear"
> is available at:
> 
>    http://www.w3.org/2001/tag/doc/passwordsInTheClear-52-20061113.html
>    http://www.w3.org/2001/tag/doc/passwordsInTheClear-52

This draft mentions HTTP basic authentication only obliquely; it should
make it clear that using it is an instance of passwords-in-the-clear.

IMHO the draft is too strongly worded; there are cases where simple
password protection is ample.  Please see
http://recycledknowledge.blogspot.com/2005/08/on-not-using-more-security-than-you.html
for my views on the subject.

-- 
You let them out again, Old Man Willow!                 John Cowan
What you be a-thinking of?  You should not be waking!   cowan@ccil.org
Eat earth!  Dig deep!  Drink water!  Go to sleep!
Bombadil is talking.                                    http://ccil.org/~cowan

Received on Tuesday, 14 November 2006 14:02:43 UTC