- From: Ari Luotonen <luotonen@netscape.com>
- Date: Tue, 15 Apr 1997 16:49:14 -0700 (PDT)
- To: Hallam-Baker <hallam@ai.mit.edu>
- Cc: dan@spyglass.com, http-wg@cuckoo.hpl.hp.com
> Please, SSL has nothing to do with Digest Authentication. It is not > a replacement unless you believe that every password protected page > should also be encrypted. SSL does allow a null-cipher -- in Netscape Servers it's enabled via choice "No encryption, only MD5 message authentication". This provides certificate based authentication and message integrity on HTTP data, but the data is not encrypted, so there's minimal overhead. Cheers, -- Ari Luotonen, Mail-Stop MV-061 Opinions my own, not Netscape's. Netscape Communications Corp. ari@netscape.com 501 East Middlefield Road http://home.netscape.com/people/ari/ Mountain View, CA 94043, USA Netscape Proxy Server Development
Received on Tuesday, 15 April 1997 16:52:04 UTC