W3C home > Mailing lists > Public > www-tag@w3.org > November 2006

RE: New version of Passwords in the Clear

From: <noah_mendelsohn@us.ibm.com>
Date: Wed, 15 Nov 2006 14:47:39 -0500
To: "Rice, Ed (ProCurve)" <ed.rice@hp.com>
Cc: "John Cowan" <cowan@ccil.org>, "Vincent Quint" <Vincent.Quint@inrialpes.fr>, www-tag@w3.org
Message-ID: <OF6E34573A.3F10C2DE-ON85257227.0068342B-85257227.00686EBF@lotus.com>

Ed Rice writes:

> The only possible exception I could see would be if you had only two
> computers on your network and they're together in a locked room. 
> But then its outside of the scope of the world wide web so the 
> finding doesn't apply.

Whether you agree with them or not, other responses on this list suggest 
examples on the public network in which relatively knowledgeable providers 
of Web resources claim that they are happy with the intermediate level of 
security provided by HTTP Basic over ordinary HTTP.   See for example [1].

Noah

[1] http://lists.w3.org/Archives/Public/www-tag/2006Nov/0085.html

--------------------------------------
Noah Mendelsohn 
IBM Corporation
One Rogers Street
Cambridge, MA 02142
1-617-693-4036
--------------------------------------
Received on Wednesday, 15 November 2006 19:01:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:47:43 GMT