Re: Microsoft to Strike IE URL Passwords

Dave Kristol wrote:
> If I understand this article correctly, it sounds like MS IE will remove 
> support for Basic Authentication.  While we all agree that cleartext 
> passwords are evil, this sounds to me like it will create a major 
> compatibility problem at sites that use Basic.  And note that it covers 
> Basic over SSL, too, where the passwords would *not* be cleartext.

Looking at 
<http://support.microsoft.com/default.aspx?scid=kb;[LN];834489>, it 
seems that they do not discontinue Basic Auth, they just disallow 
embedding credentials in URLs. That's something different.

Julian


-- 
<green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760

Received on Friday, 30 January 2004 05:32:59 UTC